6 matches found
CVE-2020-4428
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533...
CVE-2020-4428
Product and vuln : IBM Data Risk Manager (IDRM) 2.0.1–2.0.4. Issue : remote authenticated attacker can execute arbitrary commands on the system (CVE-2020-4428). Root cause / vector : authenticated access with remote command execution capability (no user interaction required). Impact : full comman...
CVE-2020-4428
creationtimestamp| type| source ---|---|--- 2020-05-05 17:17:40+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ibmdrmrce.rb 2021-11-08 08:58:18+00:00| seen| MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422 2021-11-20 09:53:52+00:00| seen|...
IBM Data Risk Manager Command Injection (CVE-2020-4428)
A command injection execution vulnerability exists in IBM Data Risk Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2020-4427
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process...
CVE-2020-4428
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533. Recent assessments: wvu-r7 at May 08, 2020 4:04pm UTC reported: Assessment for the related CVEs here:...