RCE Exploit Released for IBM Data Risk Manager
2020-04-21 18:19

UPDATED. Four serious security vulnerabilities in the IBM Data Risk Manager have been identified that can lead to unauthenticated remote code execution as root in vulnerable versions, according to analysis - and a proof-of-concept exploit is available.

IBM weighed in on the problem this week, after a researcher went public with the bugs, one of which may end up being a zero-day issue - Big Blue is still investigating.

IDRM is a software platform that aggregates threat data from disparate security systems, in order to perform enterprise security risk analysis.

According to security researcher Pedro Ribeiro from Agile Information Security, older versions of the IDRM Linux virtual appliance contain bugs pertaining to authentication bypass, command injection, an insecure default password, and arbitrary file download. The first three can be chained together to achieve RCE in vulnerable versions.

The third bug, which IBM says can be solved by reconfiguring the appliance, comes from the use of hard-coded credentials: The administrative user in the IDRM virtual appliance is "a3user" by default.


News URL

https://threatpost.com/rce-exploit-ibm-data-risk-manager-no-patch/154986/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
IBM 736 216 2774 1264 248 4502