How to change default password

Question

We are getting ” IBM DB2 Universal Database Known Default Password Vulnerability” alert in PCI scans. To fix this we should change the DB2 default password.

anybody from DBA can help us on this?

For more information on this please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0051

Answer 1

DB2 does not store user authentication credentials, but uses external systems for authentication - DB2 For Linux, Unix, Windows (LUW) by default uses underlying OS for auth.

If you have Linux installation, SSH to machine and check if "db2inst1" user exists in OS. If so, just change its password (sudo passwd db2inst) in OS shell. Of course this is only default user name, your actual may differ (but on Linux it will be the same as DB2 instance name, hence the warning of scanner).

The "use underlying OS for authentication" is default on Windows machine as well, but db2 sysadmin user name may differ from instance name.