Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistIbmCVELIST:CVE-2020-4429
HistoryMay 07, 2020 - 7:20 p.m.

CVE-2020-4429

2020-05-0719:20:19
ibm
www.cve.org
5

CVSS3

10

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

AI Score

9.5

Confidence

High

EPSS

0.037

Percentile

91.8%

JSON

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534.

CNA Affected

[
  {
    "product": "Data Risk Manager",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "2.0.1"
      },
      {
        "status": "affected",
        "version": "2.0.2"
      },
      {
        "status": "affected",
        "version": "2.0.3"
      },
      {
        "status": "affected",
        "version": "2.0.4"
      },
      {
        "status": "affected",
        "version": "2.0.5"
      },
      {
        "status": "affected",
        "version": "2.0.6"
      }
    ]
  }
]

Related

attackerkb 2
nvd 1
checkpoint_advisories 1
nessus 2
packetstorm 3
zdt 2
prion 1
cve 1
metasploit 3
ibm 1
attackerkb
attackerkb
CVE-2020-4429
2020-04-21 00:00:00
CVE-2020-4427
2020-04-21 00:00:00
nvd
nvd
CVE-2020-4429
2020-05-07 20:15:12
checkpoint_advisories
checkpoint_advisories
IBM Data Risk Manager Authentication Bypass (CVE-2020-4429)
2020-05-11 00:00:00
nessus
nessus
IBM Data Risk Manager Insecure Default Password (CVE-2020-4429)
2023-09-27 00:00:00
IBM Data Risk Manager 2.0.1 <= 2.0.6.1 Multiple Vulnerabilities (6206875)
2023-09-14 00:00:00
packetstorm
packetstorm
IBM Data Risk Manager 2.0.3 Default Password
2020-05-05 00:00:00
IBM Data Risk Manager 2.0.3 Remote Code Execution
2020-05-05 00:00:00
IBM Data Risk Manager Arbitrary File Download
2024-08-31 00:00:00
zdt
zdt
IBM Data Risk Manager 2.0.3 Default Password Exploit
2020-05-07 00:00:00
IBM Data Risk Manager 2.0.3 Remote Code Execution Exploit
2020-05-07 00:00:00
prion
prion
Default credentials
2020-05-07 20:15:00
cve
cve
CVE-2020-4429
2020-05-07 20:15:12
metasploit
metasploit
IBM Data Risk Manager Unauthenticated Remote Code Execution
2020-04-21 08:49:48
IBM Data Risk Manager Arbitrary File Download
2020-04-21 08:53:12
IBM Data Risk Manager a3user Default Password
2020-04-22 05:17:34
ibm
ibm
Security Bulletin: Vulnerabilities exist in IBM Data Risk Manager (CVE-2020-4427, CVE-2020-4428, CVE-2020-4429, and CVE-2020-4430)
2020-05-28 05:43:38

CVSS3

10

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

AI Score

9.5

Confidence

High

EPSS

0.037

Percentile

91.8%

JSON
Related for CVELIST:CVE-2020-4429
attackerkb2nvd1checkpoint_advisories1nessus2packetstorm3zdt2prion1cve1metasploit3ibm1