Vulnerability Description
Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Teradata | Viewpoint | < 14.0 |
Related Weaknesses (CWE)
References
- https://github.com/inf0seq/inf0seq.github.io/blob/master/_posts/2019-01-20-TeradThird Party Advisory
- https://inf0seq.github.io/cve/2019/01/20/Teradata-Viewpoint-Hardcoded-Password-VThird Party Advisory
- https://github.com/inf0seq/inf0seq.github.io/blob/master/_posts/2019-01-20-TeradThird Party Advisory
- https://inf0seq.github.io/cve/2019/01/20/Teradata-Viewpoint-Hardcoded-Password-VThird Party Advisory
FAQ
What is CVE-2019-6499?
CVE-2019-6499 is a vulnerability with a CVSS score of 8.1 (HIGH). Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploi...
How severe is CVE-2019-6499?
CVE-2019-6499 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-6499?
Check the references section above for vendor advisories and patch information. Affected products include: Teradata Viewpoint.