Lucene search
+L

10 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.358 views

IBM Data Risk Manager Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Data Risk Manager Arbitrary File Download', 'Description' = %q IBM Data Risk Manager IDRM contains two vulnerabilities that can be chained by...

10CVSS6.9AI score0.71363EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.43 views

IBM Data Risk Manager Insecure Default Password (CVE-2020-4429)

Binary data ibmdatariskmanagerCVE-2020-4429.nbin...

10CVSS9.5AI score0.71363EPSS
Exploits10References3
Check Point Advisories
Check Point Advisories
added 2020/05/11 12:0 a.m.38 views

IBM Data Risk Manager Authentication Bypass (CVE-2020-4429)

An authentication bypass vulnerability exists in IBM Data Risk Manager. The vulnerability is due to the presence of previously unknown default credentials. A remote attacker can exploit this vulnerability by authenticating to the system using the default credentials. Successful exploitation resul...

10CVSS4.6AI score0.71363EPSS
Exploits10
CVE
CVE
added 2020/05/07 7:20 p.m.311 views

CVE-2020-4429

CVE-2020-4429 affects IBM Data Risk Manager (IDRM) versions 2.0.1–2.0.6. A default password for an IDRM administrative account enables a remote attacker to login and execute arbitrary code with root privileges. Public references confirm the default-password issue and associated high/severe impact...

10CVSS9.3AI score0.71363EPSS
In wildExploits10References4Affected Software1
0day.today
0day.today
added 2020/05/07 12:0 a.m.52 views

IBM Data Risk Manager 2.0.3 Default Password Exploit

This Metasploit module abuses a known default password in IBM Data Risk Manager. The a3user has the default password idrm and allows an attacker to log in to the virtual appliance via SSH. This can be escalate to full root access, as a3user has sudo access with the default password. At the time o...

10CVSS1.1AI score0.71363EPSS
Exploits10
Circl
Circl
added 2020/05/05 5:17 p.m.38 views

CVE-2020-4429

creationtimestamp| type| source ---|---|--- 2020-05-05 17:17:40+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/ibmdrmdownload.rb 2020-05-05 17:17:40+00:00| seen|...

10CVSS7.2AI score0.71363EPSS
Exploits10References6
Packet Storm
Packet Storm
added 2020/05/05 12:0 a.m.117 views

IBM Data Risk Manager 2.0.3 Default Password

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Data Risk Manager a3user Default Password', 'Description' = %q This module abuses a known default password in IBM Data Risk Manager. The...

10CVSS0.6AI score0.71363EPSS
Exploits10
Metasploit
Metasploit
added 2020/04/22 5:17 a.m.57 views

IBM Data Risk Manager a3user Default Password

This module abuses a known default password in IBM Data Risk Manager. The 'a3user' has the default password 'idrm' and allows an attacker to log in to the virtual appliance via SSH. This can be escalate to full root access, as 'a3user' has sudo access with the default password. At the time of...

9.8CVSS6.9AI score0.71363EPSS
Exploits10
ATTACKERKB
ATTACKERKB
added 2020/04/21 12:0 a.m.36 views

CVE-2020-4429

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534...

10CVSS7.8AI score0.71363EPSS
Exploits10References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/04/21 12:0 a.m.101 views

CVE-2020-4427

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process...

10CVSS9.7AI score0.71363EPSS
In wildExploits10References3
Rows per page
Query Builder