Page 1 of 1

VDCL-VDAD changing default passwords

PostPosted: Wed Jun 09, 2021 7:37 am
by raloheni
Hi
today i noticed someone try to login as VDCL or VDAD to agent interface and admin.
though these users are Inactive , but someone trying with defualt password of donotedit.


I need to know, whether we can change the default password "donotedit" to something complex.
if i change is there any negative impact , or do i need to update same password in any conf file?

i think deleting these users will impact in report for drop or no agent calls//

Re: VDCL-VDAD changing default passwords

PostPosted: Wed Jun 09, 2021 7:58 am
by carpenox
as long as they are inactive, you have nothing to worry about, however, if you used IP whitelist only, you would not have anyh issues, please see my blog post for securing vicidial correctly

Re: VDCL-VDAD changing default passwords

PostPosted: Wed Jun 09, 2021 8:26 am
by raloheni
until they are inactive no problem..
but worst case, some of my admin activate those users(by mistake )?

any negative impact changing there passwords ie:donotedit .

while surfing google, i found some CVes related to this CVE-2013-7382

Re: VDCL-VDAD changing default passwords

PostPosted: Wed Jun 09, 2021 8:29 am
by mflorell
There is no issue with changing those passwords if you want to.

The specific CVE you mentioned is from 2013 and was fixed in the VICIdial code back in 2013, days after it was posted.

Re: VDCL-VDAD changing default passwords

PostPosted: Wed Jun 09, 2021 8:37 am
by raloheni
thanks @ mflorell @carpenox