Описание
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534.
Ссылки
- VDB Entry
- PatchVendor Advisory
- VDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:data_risk_manager:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:data_risk_manager:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:data_risk_manager:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:data_risk_manager:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:data_risk_manager:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:data_risk_manager:2.0.6:*:*:*:*:*:*:*
EPSS
Процентиль: 100%
0.89253
Высокий
10 Critical
CVSS3
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534.
EPSS
Процентиль: 100%
0.89253
Высокий
10 Critical
CVSS3
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-798