Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.111013
Categoría:Default Accounts
Título:Apache Tomcat Server Administration Default/Hardcoded Credentials
Resumen:The Apache Tomcat Server Administration is using default or known; hardcoded credentials.
Descripción:Summary:
The Apache Tomcat Server Administration is using default or known
hardcoded credentials.

Vulnerability Impact:
This issue may be exploited by a remote attacker to gain
access to sensitive information.

Solution:
Change the password to a strong one or remove the user from tomcat-users.xml.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: BugTraq ID: 44172
BugTraq ID: 36954
BugTraq ID: 79264
BugTraq ID: 79351
BugTraq ID: 37086
BugTraq ID: 36258
BugTraq ID: 38084
Common Vulnerability Exposure (CVE) ID: CVE-2010-4094
http://www.securityfocus.com/bid/44172
http://download4.boulder.ibm.com/sar/CMA/RAA/013m6/0/UpdateLog.txt
http://www.zerodayinitiative.com/advisories/ZDI-10-214/
http://osvdb.org/69008
http://securitytracker.com/id?1024601
http://secunia.com/advisories/41784
http://www.vupen.com/english/advisories/2010/2732
Common Vulnerability Exposure (CVE) ID: CVE-2009-3548
http://www.securityfocus.com/bid/36954
Bugtraq: 20091109 [SECURITY] CVE-2009-3548 Apache Tomcat Windows Installer insecure default administrative password (Google Search)
http://www.securityfocus.com/archive/1/507720/100/0/threaded
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search)
http://www.securityfocus.com/archive/1/516397/100/0/threaded
HPdes Security Advisory: HPSBMA02535
http://marc.info/?l=bugtraq&m=127420533226623&w=2
HPdes Security Advisory: HPSBOV02762
http://marc.info/?l=bugtraq&m=133469267822771&w=2
HPdes Security Advisory: HPSBST02955
http://marc.info/?l=bugtraq&m=139344343412337&w=2
HPdes Security Advisory: HPSBUX02541
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113
HPdes Security Advisory: HPSBUX02860
http://marc.info/?l=bugtraq&m=136485229118404&w=2
HPdes Security Advisory: SSRT100029
HPdes Security Advisory: SSRT100145
HPdes Security Advisory: SSRT100825
HPdes Security Advisory: SSRT101146
http://markmail.org/thread/wfu4nff5chvkb6xp
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/df497a37fbf98e38d4c83e44829745fe9851b5fde928409c950f80e6@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19414
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7033
http://www.securitytracker.com/id?1023146
http://secunia.com/advisories/40330
http://secunia.com/advisories/57126
http://www.vupen.com/english/advisories/2009/3185
http://www.vupen.com/english/advisories/2010/1559
XForce ISS Database: tomcat-admin-default-password(54182)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54182
Common Vulnerability Exposure (CVE) ID: CVE-2009-4189
http://www.intevydis.com/blog/?p=87
Common Vulnerability Exposure (CVE) ID: CVE-2009-3099
http://intevydis.com/vd-list.shtml
http://secunia.com/advisories/36541
Common Vulnerability Exposure (CVE) ID: CVE-2009-3843
HPdes Security Advisory: HPSBMA02478
http://marc.info/?l=bugtraq&m=125873415424980&w=2
HPdes Security Advisory: SSRT090251
http://www.zerodayinitiative.com/advisories/ZDI-09-085/
http://www.osvdb.org/60317
http://securitytracker.com/id?1023222
http://secunia.com/advisories/37444
XForce ISS Database: operations-manager-unspecified-sec-bypass(54361)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54361
Common Vulnerability Exposure (CVE) ID: CVE-2009-4188
http://www.securityfocus.com/bid/36258
Common Vulnerability Exposure (CVE) ID: CVE-2010-0557
http://www.securityfocus.com/bid/38084
http://www.osvdb.org/62118
http://secunia.com/advisories/38457
http://www.vupen.com/english/advisories/2010/0297
CopyrightCopyright (C) 2015 SCHUTZWERK GmbH

Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2020 E-Soft Inc. Todos los derechos reservados.