Vulnerabilities > IBM > Data Risk Manager > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-05-07 CVE-2020-4427 Unspecified vulnerability in IBM Data Risk Manager
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication.
network
low complexity
ibm
critical
 9.8
9.8
2020-05-07 CVE-2020-4428 OS Command Injection vulnerability in IBM Data Risk Manager
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system.
network
low complexity
ibm CWE-78
critical
 9.1
9.1
2020-05-07 CVE-2020-4429 Use of Hard-coded Credentials vulnerability in IBM Data Risk Manager
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account.
network
low complexity
ibm CWE-798
critical
 9.8
9.8