Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.IBM_DATA_RISK_MANAGER_CVE-2020-4429.NBINHistorySep 27, 2023 - 12:00 a.m.
IBM Data Risk Manager Insecure Default Password (CVE-2020-4429)
2023-09-2700:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9
The administrative account ‘a3user’ on the remote IBM Data Risk Manager (IDRM) virtual appliance has the default password ‘idrm’. This user is allowed to login via SSH and run sudo commands. IDRM does not force or prompt the user for a reset of the default password upon login. An unauthenticated, remote attacker can exploit this vulnerability to login and execute arbitrary code on the system with root privileges.
Binary data ibm_data_risk_manager_CVE-2020-4429.nbin| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | data_risk_manager | cpe:/a:ibm:data_risk_manager |
Related
attackerkb
attackerkb
CVE-2020-4429
2020-04-21 00:00:00
CVE-2020-4427
2020-04-21 00:00:00
checkpoint_advisories
checkpoint_advisories
IBM Data Risk Manager Authentication Bypass (CVE-2020-4429)
2020-05-11 00:00:00
packetstorm
packetstorm
IBM Data Risk Manager 2.0.3 Default Password
2020-05-05 00:00:00
IBM Data Risk Manager 2.0.3 Remote Code Execution
2020-05-05 00:00:00
zdt
zdt
IBM Data Risk Manager 2.0.3 Default Password Exploit
2020-05-07 00:00:00
IBM Data Risk Manager 2.0.3 Remote Code Execution Exploit
2020-05-07 00:00:00
prion
prion
Default credentials
2020-05-07 20:15:00
cve
cve
CVE-2020-4429
2020-05-07 20:15:00
nessus
nessus
IBM Data Risk Manager 2.0.1 <= 2.0.6.1 Multiple Vulnerabilities (6206875)
2023-09-14 00:00:00
metasploit
metasploit
IBM Data Risk Manager Unauthenticated Remote Code Execution
2020-04-21 08:49:48
IBM Data Risk Manager Arbitrary File Download
2020-04-21 08:53:12
IBM Data Risk Manager a3user Default Password
2020-04-22 05:17:34
Related for IBM_DATA_RISK_MANAGER_CVE-2020-4429.NBIN