CVE-2022-22767 The BD Pyxis™ products had default credentials and may still operate with them.

Threat actors may also be able to change the local operating system or domain-joined server(s) credentials to their own choice to provide their own level of access. This may also potentially lead to threat actors being able to access the underlying file system. Other potential risks posed by default local operating system or domain-joined server(s) credentials may include: a the risk of a service being disabled or becoming unavailable if the network administrator changes the local operating system or domain-joined server(s) credentials. The risk of a service becoming unavailable if the network administrator changes the local operating system or domain-joined server(s) credentials may present a significant inconvenience to the organization.

CVE-2014-6332

Default usernames and passwords for a Microsoft Windows Server 2003 R2 x86-64

The default usernames and passwords for a Microsoft Windows Server 2003 R2 x86-64 are as follows:
Administrator: Administrator
Administrator@ServerName.com: Administrator
Administrator@ServerName.local: Administrator

How does the default local OS or Domain joined server’s credentials affect network security?

The default local operating system or domain-joined server’s credentials can potentially provide a way for threat actors to gain access to the underlying file system and disrupt or steal data. This may also lead to other risks posed by this account, such as a service becoming unavailable if the network administrator changes the default local operating system or domain-joined server’s credentials.

Timeline

Published on: 06/02/2022 14:15:00 UTC
Last modified on: 06/11/2022 00:53:00 UTC

CVE-2014-6332

Default usernames and passwords for a Microsoft Windows Server 2003 R2 x86-64

How does the default local OS or Domain joined server’s credentials affect network security?

Timeline

References