IBM MQ Default Credentials

critical Nessus Plugin ID 136763

Synopsis

Checks if IBM MQ is using default credentials.

Description

The remote host is running IBM MQ and REST API and is using default credentials. An unauthenticated, remote attacker can exploit this to gain privileged or administrator access to the system.

Solution

Change the default administrative login credentials.

Plugin Details

Severity: Critical

ID: 136763

File Name: ibm_mq_default_credentials.nasl

Version: 1.1

Type: remote

Family: Web Servers

Published: 5/21/2020

Updated: 5/21/2020

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Score from a more in-depth analysis done by Tenable

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: manual

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:ibm:websphere_mq

Required KB Items: installed_sw/IBM MQ

Excluded KB Items: global_settings/supplied_logins_only