Detections
Analytics
ManageEngine Security Manager Plus Default Administrator Credentials
high Nessus Plugin ID 63205
Language:
Synopsis
A web application is protected using default administrative credentials.Description
The remote ManageEngine Security Manager Plus install uses a default set of credentials ('admin' / 'admin') to control access to its management interface.With this information, an attacker could gain administrative access to the application.
Solution
Log into the application and personalize the account to change the default login credentials.See Also
Plugin Details
Severity: High
ID: 63205
File Name: manageengine_security_manager_default_creds.nasl
Version: 1.10
Type: remote
Family: CGI abuses
Published: 12/10/2012
Updated: 6/5/2024
Supported Sensors: Nessus
Enable CGI Scanning: true
Vulnerability Information
CPE: x-cpe:/a:zohocorp:manageengine_security_manager_plus
Required KB Items: www/manageengine_security_manager
Excluded KB Items: Settings/disable_cgi_scanning, global_settings/supplied_logins_only