Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> General >> Brightmail Control Center Default Account/Password


Vulnerability Assessment Details

Brightmail Control Center Default Account/Password

Vulnerability Assessment Summary
Checks for default account / password in Brightmail Control Center

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote server uses known authentication credentials.

Description :

The remote host is running Symantec's Brightmail Control Center, a
web-based administration tool for Brightmail AntiSpam.

The installation of Brightmail Control Center on the remote host still
has an account 'admin' with the default password 'symantec'. An
attacker can exploit this issue to gain access of the Control Center
and any scanners it controls.

Solution :

Log in to the Brightmail Control Center and change the password for
the 'admin' user.

Network Security Threat Level:

High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2005-2006 Tenable Network Security

Cables, Connectors

SK HYNIX 8GB X 2 OF 4GB PC3L-12800S
$35.0
SK HYNIX 8GB X 2 OF 4GB PC3L-12800S  pictureLENOVO EDGE THINKPAD E530 320GB 15.6" 4GB RAM i3-3120M 2.5GHz DUAL CORE 22988-1
$135.95
LENOVO EDGE THINKPAD E530  320GB 15.6HP 280 G1 Core i5-4590S 8GB Ram 1TB HDD Win 10 Pro
$179.99
HP 280 G1 Core i5-4590S 8GB Ram 1TB HDD Win 10 Pro pictureOWC 8.0GB (2X 4GB) P1333MHz 204-Pin DDR3 SO-DIMM PC3-10600 CL9 Memory Upgrade Ki
$53.51
OWC 8.0GB (2X 4GB) P1333MHz 204-Pin DDR3 SO-DIMM PC3-10600 CL9 Memory Upgrade Ki picture


Discussions

No Discussions have been posted on this vulnerability.