Ibm: >> Data Risk Manager >> 2.0.6.1 Security Vulnerabilities
IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 184930.
CVSS Score
7.1
EPSS Score
0.001
Published
2020-09-22
IBM Data Risk Manager (iDNA) 2.0.6 could allow a privileged user to cause a denial of service due to improper input validation. IBM X-Force ID: 184937.
CVSS Score
5.5
EPSS Score
0.003
Published
2020-09-22
CVE-2020-4427
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532.
Known exploited
CVSS Score
9.0
EPSS Score
0.51
Published
2020-05-07
Page 2