Citrix NetScaler Web Management Interface Default Administrator Credentials

high Nessus Plugin ID 66394

Synopsis

A web application is protected using default administrative credentials.

Description

The remote Citrix NetScaler Web Management Interface uses a default password ('nsroot') for the administrator account ('nsroot').

With this information, an attacker can gain complete administrative access to the Citrix NetScaler appliance.

Solution

Reset the nsroot password.

See Also

http://www.nessus.org/u?74336bf9

Plugin Details

Severity: High

ID: 66394

File Name: netscaler_web_default_creds.nasl

Version: 1.5

Type: remote

Family: Web Servers

Published: 5/13/2013

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:citrix:netscaler

Required KB Items: www/netscaler

Excluded KB Items: global_settings/supplied_logins_only