EIQ-2018-0006



ID

EIQ-2018-0006

(Former ref.: 1801-06)

CVE

-

Description

Log in as administrator by presence of an installation user

Date

-

Severity

3 - HIGH

CVSSv3 score

CVSSv3 score not available on NIST NVD.

Status

images/s/en_GB/7701/d7b403a44466e5e8970db7530201039d865e79e1/_/images/icons/emoticons/check.svg 2.3.0

Assessment

A default installer user is configured during an automatic installation of the platform.This user account is active by default. Credentials can be found in the installation logs in /var/log/

Mitigation

Affected virtual machines on the download portal are replaced with versions where the installation user is disabled.

All logs are scrubbed.

Affected versions

2.2.0 only, deployed using a virtual machine image.

Notes

If the installer-<hex> user account is disabled in your platform instance, this does not affect you.

< Back to all security issues and mitigation actions