OpenAtlas Hardcoded Administrator Password Vulnerability

Vulnerability

A vulnerability exists in OpenAtlas version 8.11.0: the default installation creates an administrator account with a hardcoded password that grants full administrative access to the application. The vulnerability arises because this default password is widely known and remains active unless it is changed manually.

Impact

Exploitation of this vulnerability allows unauthorized users to gain administrative privileges, enabling them to take full control of the application.

Remediation

Users are advised to update to OpenAtlas version 8.12.0. As a temporary measure, the administrator password should be changed.

Added: Aug 4, 2025, 3:19 PM
Updated: Aug 4, 2025, 4:29 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 7.4
remediation: 0.0
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.