PT-2020-18062 · Ibm · Ibm Data Risk Manager

Pedro Ribeiro · Published 2020-05-07 · Updated 2025-11-03 · CVE-2020-4429

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: IBM Data Risk Manager versions 2.0.1 through 2.0.6

Description: The issue is a default password for an administrative account in IBM Data Risk Manager. A remote attacker could exploit this to log in and execute arbitrary code on the system with root privileges.

Recommendations: For versions 2.0.1 through 2.0.6, change the default password of the IDRM administrative account to a unique and secure password to prevent unauthorized access.

Exploit

Fix

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

CVE-2020-4429

Affected Products

Ibm Data Risk Manager