IBM iSeries Default Password

critical Nessus Plugin ID 57848


Synopsis

The remote host is configured with a default password for an IBM iSeries user account.


Description

The remote IBM iSeries server has a default password set for a well-known user account. An attacker can take advantage of this to log in to the server and take complete control of it.


Solution

Change the default password for iSeries accounts.

The CL command ANZDFTPWD can be used to detect user accounts that still have the default password. It can also take action on them, either disabling the user or setting the user's password to 'expired'.

Also, review the 'QMAXSGNACN' and 'QMAXSIGN' system settings.

Plugin Details

Severity: Critical

ID: 57848

File Name: ibmi_default_password.nbin

Version: 1.81

Type: remote

Family: Misc.

Published: 2/6/2012

Updated: 11/8/2021

Dependencies: ibmi_detect.nbin

Risk Information

CVSS Score Source: manual

CVSS Score Rationale: Default credentials


CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:H/RL:ND/RC:ND


CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/h:ibm:iseries_as_400

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: No exploit is required