New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 5.9
Synopsis
At least one password is stored in the registry by the client software for the IBM iSeries system.
Description
The client software for the IBM iSeries system can automatically connect to an iSeries system without prompting for user credentials.
It does so by storing a default user and its associated password in the registry. The password is protected by a weak encoding algorithm and a known key. A remote attacker can exploit this by accessing the encoded password value in the registry, allowing the attacker to recover the password in plaintext.
Solution
Upgrade to IBM iSeries version 7.1 service pack SI60523 or later.