CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-4428

Known Exploited (CISA KEV)CRITICAL
9.1
CVSS Severity Score
EPSS Score51.4270%
EPSS Percentile86.88th
Published2020年5月7日
Last Modified2025年11月4日

Vulnerability Description

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533.

Affected Platforms (CPE)

📦
Ibm

Data Risk Manager

>= 2.0.1 and <= 2.0.4

References & Advisories

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/180533
🔗 https://www.ibm.com/support/pages/node/6206875
🔗 http://seclists.org/fulldisclosure/2024/Nov/0
🔗 http://seclists.org/fulldisclosure/2024/Nov/1
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/180533
🔗 https://www.ibm.com/support/pages/node/6206875
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-4428

相關漏洞威脅

CVE-2020-44299.8

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account....

CVE-2020-44279.8

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions w...

CVE-2020-46118.8

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins. I...

CVE-2020-46208.8

IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper v...