ManageEngine OpManager Default Credentials

Severity: High (Nessus Plugin ID 81380)

Synopsis

The application hosted on the remote web server uses a default set of known credentials.

Description

The remote ManageEngine OpManager web administration interface uses a known set of hard-coded default credentials. An attacker can use these to gain administrative access to the remote host.

Solution

Apply the patch referenced in the vendor advisory.

See Also

http://www.nessus.org/u?cab0ef7c

http://www.nessus.org/u?5f76ba3d

https://seclists.org/fulldisclosure/2015/Sep/66

Plugin Details

Severity: High

ID: 81380

File Name: manageengine_opmanager_default_creds.nasl

Version: 1.10

Type: remote

Family: CGI abuses

Published: 2/16/2015

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2015-7765

Vulnerability Information

CPE: cpe:/a:zohocorp:manageengine_opmanager

Required KB Items: installed_sw/ManageEngine OpManager

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/24/2015

Vulnerability Publication Date: 9/14/2015

Exploitable With

Core Impact

Metasploit (ManageEngine OpManager Remote Code Execution)

Elliot (ManageEngine OpManager SQL Injection)

Reference Information

CVE: CVE-2015-7765