SB2020042204 - Multiple vulnerabilities in IBM Data Risk Manager

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Command Injection (CVE-ID: CVE-2020-4429)

The vulnerability allows a remote authenticated user to inject and execute arbitrary commands on the system.

The vulnerability exists due to insufficient filtration of user-supplied data within the "/albatross/restAPI/v2/nmap/run/scan" API. A remote authenticated user with ability to upload files can upload and execute arbitrary code on the system.

2) Path traversal (CVE-ID: CVE-2020-4427)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within the "/albatross/eurekaservice/fetchLogFiles" API. A remote authenticated user can send a specially crafted HTTP request and read arbitrary files on the system.

Remediation

Install update from vendor's website.

References

• https://www.ibm.com/support/pages/node/6195705
• https://seclists.org/fulldisclosure/2020/Apr/33