Skip to content

Sensitive Data: Apache CloudStack - Default Login

Identifier: cloudstack_default_login

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

Apache CloudStack cloud infrastructure management platform may be accessible with weak default credentials, allowing unauthorized access to virtual machine management, network configuration, and administrative functions.

How we test: We attempt to authenticate to the Apache CloudStack interface using common default username and password combinations. If authentication succeeds, we report the vulnerability.

Configuration

Example

Example configuration:

---
security_tests:
  cloudstack_default_login:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.