H3-2021-0017

Weak or Default Credentials - MySQL

Description

A weak or default database credential was found. This security weakness can be exploited by attackers who use brute force techniques to guess passwords or leverage known default credentials to gain unauthorized access. Tools like Ncrack and Hydra can automate this exploit, rapidly testing multiple password combinations to identify the correct one.

Impact

If an attacker successfully exploits this weakness, they can gain access to the MySQL database, allowing them to view, alter, or delete sensitive data. In some cases, attackers may be to execute commands on the underlying MySQL host, potentially leading to further compromise of the network.

References

• CWE-521: Weak Password Requirements
• MITRE ATT&CK Technique: T1110: Brute Force
• MITRE ATT&CK Technique: T1078.001: Valid Accounts: Default Accounts