RCE Exploit Released for IBM Data Risk Manager

2020-04-21 18:19

UPDATED. Four serious security vulnerabilities in the IBM Data Risk Manager have been identified that can lead to unauthenticated remote code execution as root in vulnerable versions, according to analysis - and a proof-of-concept exploit is available.

IBM weighed in on the problem this week, after a researcher went public with the bugs, one of which may end up being a zero-day issue - Big Blue is still investigating.

IDRM is a software platform that aggregates threat data from disparate security systems, in order to perform enterprise security risk analysis.

According to security researcher Pedro Ribeiro from Agile Information Security, older versions of the IDRM Linux virtual appliance contains bugs pertaining to authentication bypass; command injection; insecure default password; and arbitrary file download. The first three can be chained together to achieve RCE in vulnerable versions.

The third bug, which IBM says can be solved by reconfiguring the appliance, comes from the use of hard-coded credentials: The administrative user in the IDRM virtual appliance is "a3user" by default.

News URL

https://threatpost.com/rce-exploit-ibm-data-risk-manager-no-patch/154986/

#exploit #IBM #RCE

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
IBM		1325	1510	3910	954	509	6883

News URL

Related news

Related vendor