ID de Prueba:	1.3.6.1.4.1.25623.1.0.800193
Categoría:	Default Accounts
Título:	IBM Rational Quality Manager and Rational Test Lab Manager Tomcat Default Account Vulnerability
Resumen:	The host is running Tomcat server in IBM Rational Quality Manager/; IBM Rational Test Lab Manager has a default password for the ADMIN account.
Descripción:	Summary: The host is running Tomcat server in IBM Rational Quality Manager/ IBM Rational Test Lab Manager has a default password for the ADMIN account. Vulnerability Insight: The flaw exists within the installation of the bundled Tomcat server. The default ADMIN account is improperly disabled within 'tomcat-users.xml' with default password. A remote attacker can use this vulnerability to execute arbitrary code under the context of the Tomcat server. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code in the context of an affected application. Affected Software/OS: Versions prior to IBM Rational Quality Manager and IBM Test Lab Manager 7.9.0.3 build:1046. Solution: Upgrade to version 7.9.0.3 build 1046 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	BugTraq ID: 44172 Common Vulnerability Exposure (CVE) ID: CVE-2010-4094 http://www.securityfocus.com/bid/44172 http://download4.boulder.ibm.com/sar/CMA/RAA/013m6/0/UpdateLog.txt http://www.zerodayinitiative.com/advisories/ZDI-10-214/ http://osvdb.org/69008 http://securitytracker.com/id?1024601 http://secunia.com/advisories/41784 http://www.vupen.com/english/advisories/2010/2732
Copyright	Copyright (C) 2011 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.