Skip to main content

Change system default credentials

Summary

The organization must modify all default access credentials of embedded systems.

Description

Organizations usually keep default configurations of third-party products, since these may adapt to most environments where they are installed and facilitate the deployment to production. However, this practice may leave a default open gate for products and, in most cases, credentials within provider documentation, which can be easily found on the Internet. For this reason it is important to check all configurations before deployment and remove all default credentials.

Supported In

This requirement is verified in following services:

PlanSupported
Machine🟢
Squad🟢
One-Shot🟢

References

Vulnerabilities