Default Password (db2admin) for 'db2admin' Account on Windows

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

An account on the remote Windows host uses a default password.

Description :

The 'db2admin' account on the remote Windows host uses a known
password. This account may have been created during installation of
DB2 for use when managing the application, and it likely belongs to
the Local Administrators group.

Note that while the DB2 installation no longer uses a default password
for this account, the upgrade process does not force a password change
if the 'db2admin' account exists from a previous installation.

See also :

http://seclists.org/bugtraq/2000/Dec/97

Solution :

Assign a different password to this account as soon as possible.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:ND)

Family: Databases

Nessus Plugin ID: 33852 ()

Bugtraq ID: 2068

CVE ID: CVE-2001-0051

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now