Hardcoded Password Vulnerability in SysAid Help Desk

Hardcoded Password Vulnerability in SysAid Help Desk

CVE-2015-3001 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

SysAid Help Desk before 15.2 uses a hardcoded password of Password1 for the sa SQL Server Express user account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.