The Java keystore in all versions and editions of Rapid7 Nexpose before 6.4.50 is encrypted with a static password of 'r@p1d7k3y5t0r3' which is not modifiable by the user. The keystore provides storage for saved scan credentials in an otherwise secure location on disk.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rapid7 nexpose |