Summary
The remote Fujitsu KVM is prone to a default account authentication bypass vulnerability.
Impact
This issue may be exploited by a remote attacker to gain access to sensitive information or modify system configuration without requiring authentication.
Solution
Set a password.
Insight
It was possible to login with username "Admin" and an empty password.
Detection
This check tries to login into the remote KVM as Admin.
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Tandberg Devices Default Password
- IPmux-2L TDM Pseudowire Access Gateway Default Credentials
- Multiple Barracuda Products Security Bypass and Backdoor Unauthorized Access Vulnerabilities
- Schneider Electric Quantum Ethernet Module Hardcoded Credentials Authentication Bypass Vulnerability
- CS121 UPS Default Admin Credentials