SOI Tech Tip: SOI application server Vulnerability Axis2 default Administrator Password

Document created by Britta_Hoffner Employee on Feb 1, 2017
Version 1Show Document
  • View in full screen mode

We have published the following technical document:

 

Document ID:  TEC1342172
Last Modified Date:  02/01/2017
Show Technical Document Details

Introduction:

The Axis2 administrator 'admin' has a password that is set to the default value of 'axis2'. As a result, anyone with access to the Axis2 port can trivially gain full access to the machine via arbitrary remote code execution.

Question:

How can I change the Axis2 default password ?

Environment:
SOI 4.0
Answer:

Edit C:\Program Files (x86)\CA\SOI\tomcat\webapps\axis2\WEB-INF\conf\axis2.xml file

change the following:

<parameter name="userName">admin</parameter>
<parameter name="password">axis2</parameter>

into:

<parameter name="userName">admin</parameter>
<parameter name="password"><newpassword></parameter>

save the file.

Restart the SOI Application Server Service

 

 

https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.TEC1342172.html

Attachments

    Outcomes