Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Data Risk Manager  Security Vulnerabilities
CVE-2021-38862
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207980.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-10-12
CVE-2021-38915
IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 209947.
CVSS Score
5.3
EPSS Score
0.001
Published
2021-10-12
CVE-2020-4619
IBM Data Risk Manager (iDNA) 2.0.6 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 184976.
CVSS Score
5.3
EPSS Score
0.001
Published
2020-09-22
CVE-2020-4620
IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system. IBM X-Force ID: 184979.
CVSS Score
8.8
EPSS Score
0.041
Published
2020-09-22
CVE-2020-4621
IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to escalate their privileges to administrator due to insufficient authorization checks. IBM X-Force ID: 184981.
CVSS Score
8.8
EPSS Score
0.004
Published
2020-09-22
CVE-2020-4622
IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 184983.
CVSS Score
5.9
EPSS Score
0.001
Published
2020-09-22
CVE-2020-4611
IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins. IBM X-Force ID: 184922.
CVSS Score
8.8
EPSS Score
0.005
Published
2020-09-22
CVE-2020-4612
IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to obtain sensitive information using a specially crafted HTTP request. IBM X-Force ID: 184924.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-09-22
CVE-2020-4613
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184925.
CVSS Score
5.9
EPSS Score
0.001
Published
2020-09-22
CVE-2020-4614
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 184927.
CVSS Score
3.7
EPSS Score
0.001
Published
2020-09-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved