Fix IBM DRM SSH docs
This commit is contained in:
Pedro Ribeiro
@@ -2,7 +2,7 @@
|
||||
|
||||
This module abuses a known default password in IBM Data Risk Manager. The 'a3user' has the default password 'idrm' and allows an attacker to log in to the virtual appliance via SSH.
|
||||
This can be escalated to full root access, as 'a3user' has `sudo` access with the default password.
|
||||
At the time of disclosure, this is a 0day. Versions <= 2.0.3 are confirmed to be affected, and the latest 2.0.6 is most likely affected too.
|
||||
At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM. Versions <= 2.0.6.1 are confirmed to be vulnerable.
|
||||
|
||||
### Vulnerability information
|
||||
For more information about the vulnerability, check the advisory at:
|
||||
|
||||
Reference in New Issue
Block a user