Vulnerability Details CVE-2020-4429
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.383
EPSS Ranking 97.1%
CVSS Severity
CVSS v3 Score 10.0
CVSS v2 Score 10.0
References
Products affected by CVE-2020-4429
-
cpe:2.3:a:ibm:data_risk_manager:2.0.1
-
cpe:2.3:a:ibm:data_risk_manager:2.0.2
-
cpe:2.3:a:ibm:data_risk_manager:2.0.3
-
cpe:2.3:a:ibm:data_risk_manager:2.0.4
-
cpe:2.3:a:ibm:data_risk_manager:2.0.5
-
cpe:2.3:a:ibm:data_risk_manager:2.0.6