A threat actor may gain unauthorized access using the default username and password.
- Threat actor requests a web application interface
- Sever sends a login request
- Threat actor uses admin for as username and admin for password
- Sever sends the web application interface
Vary
- Gain unauthorized access
- Remove default credentials
91f9b046-b802-425a-b71b-64c21c6b1c0f