Description
The GlassFish Admin Console is protected with weak or default credentials. Acunetix was able to guess the username and password required to access this page. A weak password is short, common, a system default, or something that could be rapidly guessed by executing a brute force attack using a subset of all possible passwords, such as words in the dictionary, proper names, words based on the user name or common variations on these themes.
Remediation
Enforce a strong password policy. Don't permit weak passwords or passwords based on dictionary words.
References
Related Vulnerabilities
WordPress Plugin Doneren met Mollie Information Disclosure (2.8.4)
Joomla! Core 3.x.x Information Disclosure (3.0.0 - 3.9.19)
WordPress Plugin Unyson Information Disclosure (2.7.18)
Drupal Core 6.x Information Disclosure (6.0 - 6.30)
WordPress Plugin Order Export & Order Import for WooCommerce Information Disclosure (1.0.8)