Marco Pasetto

Exclude authentication attempts with default credentials

Discussion created by Marco Pasetto on Aug 16, 2019
Latest reply on Aug 21, 2019 by Marco Pasetto

Hi All,

 

I'm running vulnerability scans to the Integrated Management Module (IMM) of several Lenovo x3650 M5 servers.

For every scan we are receiving multiple notifications like:

Alert Text: Security: Userid: USERID using the standard password had 4 login failures from WEB client at IP address [Qualys Scanner IP]

 

I have already tried to exclude the QIDs with the following title but the authentications still persist:

default account
default password
default credential
Default Service Credentials
Default Authentication Credentials
Example Credential
Default Static Account Credentials
Default Administrative Credentials
Default Administrative Access
Default administration account
Default Username-Password
Default Login
Default Admin Password
Default remote administration password
Default administrator password
default admin password
default support password
default administration password

 

Could you please help me to identify the correct QID?

 

Thank you.

Marco

Outcomes