CyberSec.Space Logo
Back to CVE Browser

CVE-2020-4428

Known Exploited (CISA KEV)CRITICAL
9.1
CVSS Severity Score
EPSS Score51.4270%
EPSS Percentile86.88th
PublishedMay 7, 2020
Last ModifiedNov 4, 2025

Vulnerability Description

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533.

Affected Platforms (CPE)

πŸ“¦
Ibm

Data Risk Manager

>= 2.0.1 and <= 2.0.4

References & Advisories

πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/180533
πŸ”— https://www.ibm.com/support/pages/node/6206875
πŸ”— http://seclists.org/fulldisclosure/2024/Nov/0
πŸ”— http://seclists.org/fulldisclosure/2024/Nov/1
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/180533
πŸ”— https://www.ibm.com/support/pages/node/6206875
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-4428

Related Vulnerabilities

CVE-2020-44299.8

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account....

CVE-2020-44279.8

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions w...

CVE-2020-46118.8

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins. I...

CVE-2020-46208.8

IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper v...