SB2020042205 - Multiple vulnerabilities in IBM Data Risk Manager


Published: April 22, 2020 Updated: May 5, 2020

Security Bulletin ID: SB2020042205
Severity: High
Patch available: NO
Number of vulnerabilities: 2
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High 100%

Description

This security bulletin contains information about 2 security vulnerabilities.


1) Improper Authentication (CVE-ID: CVE-2020-4428)

The vulnerability allows a remote attacker to bypass the authentication process.

The vulnerability exists due to sensitive information exposure at the "/albatross/saml/idpSelection" API endpoint, which provides unauthenticated users with a valid session identifier. A remote non-authenticated attacker can obtain a session identifier, bypass the authentication process and gain unauthorized access to the application.


2) Weak password requirements (CVE-ID: CVE-2020-4429)

The vulnerability allows an attacker to gain unauthorized access to the application.

The vulnerability exists because the application ships with the default credentials "a3user:idrm" for a user with access to SSH and sudo commands and does not require a mandatory password change for this account upon first login. A remote attacker can abuse this account to gain unauthorized access to the application.

Note: although this default account is described in the IBM documentation, it is a security vulnerability that should be addressed by forcing users to change default passwords rather than by documenting them in manuals.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.