WHID 2005-42: Default password in a common application used by schools

The software has a default password for teachers, enabling anyone to access the system with teachers privileges.

Additional information:

Software glitch reveals private data for thousands of state's students
S.F. administrators close program to update passwords [Sfgate, Oct 21 2005]

Attack Method:

Insufficient Authentication

Incident Outcome:

Disclosure Only

Add new comment