The administrative account ‘a3user’ on the remote IBM Data Risk Manager (IDRM) virtual appliance has the default password ‘idrm’. This user is allowed to login via SSH and run sudo commands. IDRM does not force or prompt the user for a reset of the default password upon login. An unauthenticated, remote attacker can exploit this vulnerability to login and execute arbitrary code on the system with root privileges.
Binary data ibm_data_risk_manager_CVE-2020-4429.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | data_risk_manager | cpe:/a:ibm:data_risk_manager |