HP StorageWorks MSA P2000 Hidden 'admin' User Default Credentials

critical Nessus Plugin ID 51369

Synopsis

The remote device has an account with default credentials.

Description

The remote device appears to be an HP StorageWorks MSA P2000 series device.
There is a hidden, undocumented account named 'admin' secured with a default password of '!admin'.

A remote attacker can exploit this to gain privileged access to the management interface.

Solution

Use the workaround described in the HP security bulletin SSRT100356.

See Also

https://seclists.org/bugtraq/2010/Dec/102

https://seclists.org/bugtraq/2010/Dec/260

https://www.zerodayinitiative.com/advisories/ZDI-12-015/

http://www.nessus.org/u?08b08d05

Plugin Details

Severity: Critical

ID: 51369

File Name: hp_storageworks_admin_default_creds.nasl

Version: 1.29

Type: remote

Published: 12/23/2010

Updated: 8/5/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2010-4115

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/h:hp:storageworks_modular_smart_array

Excluded KB Items: global_settings/supplied_logins_only

Exploit Ease: No exploit is required

Patch Publication Date: 12/16/2010

Vulnerability Publication Date: 12/13/2010

Reference Information

CVE: CVE-2010-4115

BID: 45386

IAVB: 2010-B-0118-S

Secunia: 42583