header-logo
Suggest Exploit
vendor:
DB2 Universal Database
by:
SecurityFocus
7.5
CVSS
HIGH
Default Username and Password Vulnerability
259
CWE
Product Name: DB2 Universal Database
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows NT, Linux
2002

Default Username and Password Vulnerability in IBM DB2 Universal Database

DB2 Universal Database contains a default username and password that would enable a user access to the database. During the installation of DB2, the administrator is not prompted to change these passwords which would open up the possibility of having unauthorized users access the database if they knew the default username and password.

Mitigation:

The administrator should be prompted to change the default username and password during the installation of DB2.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2068/info

IBM DB2 Universal Database is a distributed database application.

DB2 Universal Database contains a default username and password that would enable a user access to the database. During the installation of DB2, the administrator is not prompted to change these passwords which would open up the possibility of having unauthorized users access the database if they knew the default username and password.

DB2 Universal Database for Windows NT
Username: db2admin
Password: db2admin

DB2 Universal Database for Linux
Username: db2inst1, db2as, db2fenc1
Password: ibmdb2

Navigation

Suggest Exploit

Services By CQR