ADMIN CONSOLE ACTIVE

Feature Value
Type Detection
Risk OWASP A6
Covered by Agent

The app server admin console is automatically installed and not removed. Default accounts are not changed. Attacker discovers the standard admin pages are on your server, logs in with default passwords and takes over

More information

How to solve it

Disable admin consoles on production if possible