IBM DataPower Gateway < 22.214.171.124 Default Admin Password Security Bypass
High Nessus Plugin ID 97019
SynopsisA web application running on the remote host is affected by a security bypass vulnerability.
DescriptionAccording to its self-reported version, the IBM DataPower Gateway running on the remote host is prior to 126.96.36.199. It is, therefore, affected by a security bypass vulnerability due to the default password still being accepted as valid if the administrator logs in before the startup configuration is completed.
SolutionUpgrade to IBM DataPower Gateway version 188.8.131.52 or later.