MySQL Default Account Credentials

Nessus Plugin ID 61696 (Severity: Critical)

Synopsis

The remote database server has one or more sets of known credentials.

Description

The MySQL database server listening on the remote host has one or more known credentials.

Note that this plugin checks generically for a variety of known account credentials. A finding involving, say, the 'scrutinizer' account does not necessarily mean that an associated Scrutinizer product is installed, only that Nessus was able to authenticate to the MySQL server using the reported credentials.

Solution

Either remove the affected accounts or change the associated password.

See Also

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10627

Plugin Details

Severity: Critical

ID: 61696

File Name: mysql_default_accounts.nbin

Version: 1.97

Type: remote

Family: Databases

Published: 8/28/2012

Updated: 7/17/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2014-3413

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:W/RC:X

Vulnerability Information

CPE: cpe:/a:mysql:mysql

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

Metasploit (Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential)

Reference Information

CVE: CVE-2012-3951, CVE-2014-3413

BID: 54731, 63223