Default Admin Username and Password on remedysso.mtncameroon.net

Disclosed: 2022-09-01 20:50:32 By dh0pe To mtn_group
High
Vulnerability Details
## Summary:
A Remedy Single Sign-On (Remedy SSO) Server is running at https://remedysso.mtncameroon.net/rsso/admin/#/. It is possible to access the application using the default Administrator credentials.

## Steps To Reproduce:
Go to https://remedysso.mtncameroon.net/rsso/admin/#/ and log in with credentials:
- Username: Admin
- Password: RSSO#Admin#

## Remediation
Change the password of the Admin user or disable the account.

## References
https://cwe.mitre.org/data/definitions/521.html

## Impact
An MTN Group Single Sign-On application was misconfigured in a manner that may have allowed a malicious user to log in with the administrator user. The user is capable of performing any kind of configuration of the SSO system and retrieving sensitive information about organization users and infrastructure.
Report Stats
  • Report ID: 1397786
  • State: Closed
  • Substate: resolved
  • Upvotes: 4