EIQ-2018-0006
|
ID |
EIQ-2018-0006 (Former ref.: 1801-06) |
|
CVE |
- |
|
Description |
Log in as administrator by presence of an installation user |
|
Date |
- |
|
Severity |
3 - HIGH |
|
CVSSv3 score |
CVSSv3 score not available on NIST NVD. |
|
Status |
|
|
Assessment |
A default installer user is configured during an automatic installation of the platform.This user account is active by default. Credentials can be found in the installation logs in /var/log/ |
|
Mitigation |
Affected virtual machines on the download portal are replaced with versions where the installation user is disabled. All logs are scrubbed. |
|
Affected versions |
2.2.0 only, deployed using a virtual machine image. |
|
Notes |
If the installer-<hex> user account is disabled in your platform instance, this does not affect you. |
2.3.0