vicidial.org

Hi
today i noticed someone try to login as VDCL or VDAD to agent interface and admin.
though these users are Inactive , but someone trying with defualt password of donotedit.


I need to know, whether we can change the default password "donotedit" to something complex.
if i change is there any negative impact , or do i need to update same password in any conf file?

i think deleting these users will impact in report for drop or no agent calls//

as long as they are inactive, you have nothing to worry about, however, if you used IP whitelist only, you would not have anyh issues, please see my blog post for securing vicidial correctly

until they are inactive no problem..
but worst case, some of my admin activate those users(by mistake )?

any negative impact changing there passwords ie:donotedit .

while surfing google, i found some CVes related to this CVE-2013-7382

There is no issue with changing those passwords if you want to.

The specific CVE you mentioned is from 2013 and was fixed in the VICIdial code back in 2013, days after it was posted.

thanks @ mflorell @carpenox