During a post-deployment audit of a new network switch, a security analyst discovers that the vendor's default administrative account is still enabled and has no password set.
Which vulnerability category best describes this issue?
Leaving default or blank administrative credentials in place is a classic example of a security misconfiguration. It allows anyone who knows, or can easily guess, the default login to gain unauthorized control of the device. In contrast, broken access control involves flaws in permission checks, insecure design points to architectural shortcomings, and cryptographic failures involve weaknesses in encryption or key handling, not the presence of default credentials.