Detections
Analytics

IBM iSeries Default Password

critical Nessus Plugin ID 57848

Language:

Synopsis

The remote host is configured with a default password for an IBM iSeries user account.

Description

The remote IBM iSeries server has a default password set for a well- known user account. An attacker can take advantage of this to login to the server and take complete control of the server.

Solution

Change the default password for iSeries accounts.

The CL command ANZDFTPWD can be used to detect user accounts with the default password and can take action to disable the user or set the user's password to 'expired'.

Also, review the 'QMAXSGNACN' and 'QMAXSIGN' system settings.

See Also

http://www.nessus.org/u?724772c7

Plugin Details

Severity: Critical

ID: 57848

File Name: ibmi_default_password.nbin

Version: 1.122

Type: remote

Family: Misc.

Published: 2/6/2012

Updated: 9/3/2024

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Default credentials

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: manual

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/h:ibm:iseries_as_400

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: No exploit is required