IBM iSeries Default Password

Critical Nessus Plugin ID 57848

Synopsis

The remote host is configured with a default password for an IBM iSeries user account.

Description

The remote IBM iSeries server has a default password set for a well-known user account. An attacker can take advantage of this to log in to the server and take complete control of it.

Solution

Change the default password for iSeries accounts.

The CL command ANZDFTPWD detects user accounts that have the default password, and it can also disable those users or set their passwords to 'expired'.

Also, review the 'QMAXSGNACN' and 'QMAXSIGN' system settings.

See Also

http://www.nessus.org/u?724772c7

Plugin Details

Severity: Critical

ID: 57848

File Name: ibmi_default_password.nbin

Version: 1.59

Type: remote

Family: Misc.

Published: 2012/02/06

Updated: 2020/03/09

Dependencies: 57847

Risk Information

Risk Factor: Critical

CVSS Score Source: manual

CVSS Score Rationale: Default credentials

CVSS v2.0

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:ND/RC:ND

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/h:ibm:iseries_as_400

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: No exploit is required