Multiple vulnerabilities were reported to exist in IBM Data Risk Manager (IDRM) V2.0.1 and greater. Two issues were already fixed in V2.0.4.1, and the rest are fixed in V2.0.6.2 and later.
Affected product(s) and affected version(s):
| Product | Issue | Version(s) |
| IBM Data Risk Manager | Authentication Bypass | 2.0.6.1 and earlier |
| IBM Data Risk Manager | Command Injection | 2.0.4 and earlier |
| IBM Data Risk Manager | Default Password | 2.0.6.1 and earlier |
| IBM Data Risk Manager | Path Traversal | 2.0.4 and earlier |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6206875
The post Security Bulletin: Vulnerabilities exist in IBM Data Risk Manager (CVE-2020-4427, CVE-2020-4428, CVE-2020-4429, and CVE-2020-4430) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2WAhS81
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.