EIQ-2018-0006
ID |
EIQ-2018-0006 (Former ref.: 1801-06) |
CVE |
- |
Description |
Log in as administrator by presence of an installation user |
Date |
- |
Severity |
3 - HIGH |
CVSSv3 score |
CVSSv3 score not available on NIST NVD. |
Status |
2.3.0 |
Assessment |
A default installer user is configured during an automatic installation of the platform.This user account is active by default. Credentials can be found in the installation logs in /var/log/ |
Mitigation |
Affected virtual machines on the download portal are replaced with versions where the installation user is disabled. All logs are scrubbed. |
Affected versions |
2.2.0 only, deployed using a virtual machine image. |
Notes |
If the installer-<hex> user account is disabled in your platform instance, this does not affect you. |