PT-2007-6468 · Atlassian · Stride

Durito

Published

2007-10-12

Updated

2018-10-15

CVE-2007-5432

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Stride version 1.0

Description: The issue allows remote attackers to obtain administrative access due to a default administrator username and password. The default username is scott and the default password is running. This can be exploited through the "login.php" endpoint.

Recommendations: For Stride version 1.0, change the default administrator username and password to secure credentials as soon as possible to prevent unauthorized access. Consider temporarily restricting access to the "login.php" endpoint until the default credentials are changed.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2007-5432

Affected Products

Stride

PT-2007-6468 · Atlassian · Stride

CVE-2007-5432

Weakness Enumeration

Related Identifiers

Affected Products

References · 5