During the initial attack phase, cyber actors scan the internet for SonarQube instances exposed to the open Internet using the default port (9000) and a publicly accessible IP address. Cyber actors then use default administrator credentials (username: admin, password: admin) to attempt to access SonarQube instances.
Given how often this happens, not having a default password and forcing users to set it should be a standard practice these days. Relying on administrators of the instance doing the right thing obviously keeps failing, thus an option to do the wrong thing should be removed completely.
Given how often this happens, not having a default password and forcing users to set it should be a standard practice these days. Relying on administrators of the instance doing the right thing obviously keeps failing, thus an option to do the wrong thing should be removed completely.