IBM iSeries Cached Passwords

low Nessus Plugin ID 57849

Synopsis

At least one password is stored in the registry by the client software for the IBM iSeries system.

Description

The client software for the IBM iSeries system can automatically connect to an iSeries system without prompting for user credentials.
It does so by storing a default user and its associated password in the registry. The password is protected by a weak encoding algorithm and a known key. A remote attacker can exploit this by accessing the encoded password value in the registry, allowing the attacker to recover the password in plaintext.

Solution

Upgrade to IBM iSeries version 7.1 service pack SI60523 or later.

See Also

https://www-01.ibm.com/support/docview.wss?uid=nas8N1021418

https://www.tenable.com/security/research/tra-2016-18

Plugin Details

Severity: Low

ID: 57849

File Name: ibmi_cached_password.nbin

Version: 1.155

Type: local

Agent: windows

Family: Windows

Published: 2/6/2012

Updated: 10/4/2021

Dependencies: smb_hotfixes.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Low

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:ibm:client_access

Required KB Items: SMB/Registry/Enumerated

Patch Publication Date: 6/27/2016

Vulnerability Publication Date: 6/27/2016

Reference Information

CVE: CVE-2016-0287