CVE-2022-2336

Name of the Vulnerable Software and Affected Versions Softing Secure Integration Server, edgeConnector, and edgeAggregator software (affected versions not specified)

Description The issue concerns the use of default administrator credentials, with the username as admin and the password as admin. This allows for direct login to the server to perform administrative functions without prompting the user to change the default password upon installation or first login. The process to change the password is complex and requires multiple steps.

Recommendations For Softing Secure Integration Server, edgeConnector, and edgeAggregator software, change the default administrator password admin to a strong, unique password as soon as possible to prevent unauthorized access. As a temporary workaround, consider restricting access to the server until the default password is changed. Avoid using the default admin credentials for any administrative functions until the password is updated.