This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.
At least one password is stored in the registry by the client software
for the IBM iSeries system.
The client software for the IBM iSeries system can automatically
connect to an iSeries system without prompting for user credentials.
It does so by storing a default user and its associated password in
the registry. The password is protected by a weak encoding algorithm
and a known key. A remote attacker can exploit this by accessing the
encoded password value in the registry, allowing the attacker to
recover the password in plaintext.
See also :
Upgrade to IBM iSeries version 7.1 service pack SI60523 or later.
Risk factor :
Low / CVSS Base Score : 2.1