CVE-2020-4428

Name of the Vulnerable Software and Affected Versions IBM Data Risk Manager versions 2.0.1 through 2.0.4

Description The issue is related to the failure to neutralize special elements used in operating system commands, which can be exploited by a remote attacker to execute arbitrary commands on the system. This can allow a remote authenticated attacker to perform unauthorized actions.

Recommendations For versions 2.0.1 through 2.0.4, update to a version that includes a fix for this issue to prevent remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.