Executive Summary

This vulnerability exists in Airship AI Acropolis where a default administrative account is created with the same credentials on every installation. If users do not change this default password, a remote attacker can log in using these known credentials and gain administrative privileges on the system.

Useful 0 Not Useful 0

Impact Analysis

If exploited, this vulnerability allows a remote attacker to gain full administrative access to the affected Airship AI Acropolis instance. This can lead to unauthorized control over the system, potentially resulting in data breaches, system manipulation, or disruption of services.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by checking if the Airship AI Acropolis installation is running a version prior to 10.2.35, 11.0.21, or 11.1.9 and if the default administrative account password has not been changed. You can verify the version of Airship AI Acropolis installed on your system by running commands that query the software version, such as `airship-acropolis --version` or checking the installed package version depending on your OS. Additionally, scanning for the presence of default credentials can be done by attempting to log in with the known default administrative account credentials. Network monitoring tools can also be used to detect unauthorized login attempts using these default credentials.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include changing the default administrative account password to a strong, unique password immediately after installation. Additionally, update Airship AI Acropolis to one of the fixed versions: 10.2.35, 11.0.21, or 11.1.9, which address this vulnerability. Restrict remote access to the administrative interface where possible and monitor login attempts for suspicious activity.

Useful 0 Not Useful 0