ID de Prueba:	1.3.6.1.4.1.25623.1.0.800193
Categoría:	Default Accounts
Título:	IBM Rational Quality Manager and Rational Test Lab Manager Tomcat Default Account Vulnerability (HTTP)
Resumen:	The Apache Tomcat server in IBM Rational Quality Manager / IBM; Rational Test Lab Manager has a default password for the ADMIN account.
Descripción:	Summary: The Apache Tomcat server in IBM Rational Quality Manager / IBM Rational Test Lab Manager has a default password for the ADMIN account. Vulnerability Insight: The flaw exists within the installation of the bundled Tomcat server. The default ADMIN account is improperly disabled within 'tomcat-users.xml' with default password. A remote attacker can use this vulnerability to execute arbitrary code under the context of the Tomcat server. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code in the context of an affected application. Affected Software/OS: Versions prior to IBM Rational Quality Manager and IBM Test Lab Manager 7.9.0.3 build:1046. Solution: Update to version 7.9.0.3 build 1046 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4094 BugTraq ID: 44172 http://www.securityfocus.com/bid/44172 http://download4.boulder.ibm.com/sar/CMA/RAA/013m6/0/UpdateLog.txt http://www.zerodayinitiative.com/advisories/ZDI-10-214/ http://osvdb.org/69008 http://securitytracker.com/id?1024601 http://secunia.com/advisories/41784 http://www.vupen.com/english/advisories/2010/2732
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.