cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Who Me Too'd this topic

cvp 11.5 Java JMX RMI Accessible with Common Credentials

mkhriesa
Level 1
Level 1

Hello,

we need to solve variability on our cvp

 

CVE ID: CVE-2015-0225

THREAT:
Java JMX interface is accessible via following username/password pairs:
admin/password
admin/admin
admin/activemq
monitorRole/QED
controlRole/R%26D
controlrole/password
monitorrole/password
cassandra/cassandrapassword
monitorRole/tomcat
controlRole/tomcat
monitorRole/mrpasswd
controlRole/crpasswd
role1/role1passwd
role2/role2passwd
role3/role3passwd
admin/thisIsSupposedToBeAStrongPassword!
QID Detection Logic (Authenticated):
This QID tries to log into JMX RMI server using above credentials.
Note:if remote JMX RMI sever
accessible without authentication. all of above credentials will post.
IMPACT:
Successful exploitation allows attacker to execute arbitrary Java code.
SOLUTION:
Change the common password.

 

which password?

Who Me Too'd this topic