Medium Severity

Security Bulletin: Vulnerabilities exist in IBM Data Risk Manager (CVE-2020-4427, CVE-2020-4428, CVE-2020-4429, and CVE-2020-4430)


Multiple vulnerabilities were reported in IBM Data Risk Manager (IDRM) V2.0.1 and later. Two of the issues were already fixed in V2.0.4.1; the rest are fixed in V2.0.6.2 and later.

Affected product(s) and affected version(s):

| Product | Issue | Affected version(s) |
|---|---|---|
| IBM Data Risk Manager | Authentication Bypass | 2.0.6.1 and earlier |
| IBM Data Risk Manager | Command Injection | 2.0.4 and earlier |
| IBM Data Risk Manager | Default Password | 2.0.6.1 and earlier |
| IBM Data Risk Manager | Path Traversal | 2.0.4 and earlier |

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6206875
