Security Update for Passwords
The Oracle® Enterprise Session Border Controllerhas no passwords as shipped. Default password or hard-coded passwords are predictable and pose a security risk if not changed promptly. Password setup must be completed through SSH or Console connections. Passwords need to be set when a particular privilege level is accessed and the system determines when the password is the default value.
Upon the first access of the Oracle® Enterprise Session Border Controller and at each particular privilege level, a check is performed to determine whether default passwords are being used. If this check returns positive, the system requires that new passwords be set. Password changes must be performed through SSH or Console connections.
Note:
Access to the system through the admin or user account will only be successful after a new password is entered.In the case where the admin and/or user passwords have been changed from the shipped, default value prior to the first access of that privilege level, the system continues normally.
Since SSH connections are allowed, system users may log in directly as admin.
If remote authentication systems are in place, e.g. TACACS/RADIUS servers, the default password check process does not run since local factory default passwords are not used.
- Lowercase letters
- Uppercase letters
- Numerals
- Punctuation
There is no impact on call processing while the default passwords are still in place. Should you encounter a problem with the procedure, contact the Technical Support Center.
