Skip to content
Server & Web Software

IBM QRadar SIEM Community Edition (On-Premises) — Default Password

Default username and password for the IBM QRadar SIEM Community Edition (On-Premises): configservices / qradar. Learn how to log in and how to change the default credentials.

CVE-2020-4269 (CVSS 7.5, AV:N/AC:L/PR:N/UI:N) documents a hard-coded credential in IBM QRadar SIEM. The internal 'configservices' account with password 'qradar' was hardcoded in /opt/qradar/conf/users.conf and exposed the configuration API (/configservices/configurationsets) to unauthenticated network access. Affected: QRadar CE 7.3.1.6 and related versions. Fixed in 7.4.0 GA, 7.3.3 Patch 3, 7.3.2 Patch 7. Documented in IBM Security Bulletin and Securify advisory SFY20200401.

UsernamePasswordAccessVersion / firmwareNotes
configservices
qradar
APIQRadar CE 7.3.1.6 and earlierHard-coded internal service account (CVE-2020-4269 CVSS 7.5). Exposed /configservices/configurationsets API. Fixed in 7.4.0 GA, 7.3.3 P3, 7.3.2 P7.

Responsible use

This database lists publicly documented default credentials so administrators can find and change them. Only use these on systems you own or are authorized to test.

Related devices