CVE-2014-9576

Name of the Vulnerable Software and Affected Versions VDG Security SENSE (formerly DIVA) version 2.3.13

Description The issue allows remote attackers to obtain access due to hardcoded passwords for certain accounts. Specifically, the passwords ArpaRomaWi for the root Postgres account, and !DVService for the postgres and NTP Windows user accounts are hardcoded.

Recommendations For VDG Security SENSE (formerly DIVA) version 2.3.13, consider changing the hardcoded passwords ArpaRomaWi and !DVService for the root Postgres, postgres, and NTP Windows user accounts to unique, secure passwords to prevent unauthorized access.