Palo Alto Networks PAN-OS Firewall/Panorama WebUI Default Credentials

Severity: High (Nessus Plugin ID 71496)

Synopsis

A web application on the remote host is protected using default credentials.

Description

The Palo Alto Networks PAN-OS Firewall / Panorama web interface (WebUI) on the remote host still uses the default password for the 'admin' user account. An unauthenticated, remote attacker can exploit this to gain administrative access to the web interface.

Solution

Secure the 'admin' user account with a strong password.

See Also

http://www.nessus.org/u?428c8b63

Plugin Details

Severity: High

ID: 71496

File Name: palo_alto_webui_default_creds.nasl

Version: 1.13

Type: remote

Family: Firewalls

Published: 12/17/2013

Updated: 4/17/2020

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Default admin credentials.

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: manual

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:T/RC:C

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: www/palo_alto_panos

Excluded KB Items: global_settings/supplied_logins_only