CVE-2020-4427

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532.

CVSS v3 9.8 CRITICAL
CVSS v2.0 9.0 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/180532	VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/6206875	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/180532	VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/6206875	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:data_risk_manager:2.0.1:::::::*
	cpe:2.3:a:ibm:data_risk_manager:2.0.2:::::::*
	cpe:2.3:a:ibm:data_risk_manager:2.0.3:::::::*
	cpe:2.3:a:ibm:data_risk_manager:2.0.4:::::::*
	cpe:2.3:a:ibm:data_risk_manager:2.0.5:::::::*
	cpe:2.3:a:ibm:data_risk_manager:2.0.6:::::::*

History

21 Nov 2024, 05:32

Type	Values Removed	Values Added
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/180532 - VDB Entry, Vendor Advisory~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/180532 - VDB Entry, Vendor Advisory
References	~~() https://www.ibm.com/support/pages/node/6206875 - Patch, Vendor Advisory~~	() https://www.ibm.com/support/pages/node/6206875 - Patch, Vendor Advisory

Information

Published : 2020-05-07 20:15

Updated : 2024-11-21 05:32

NVD link : CVE-2020-4427

Mitre link : CVE-2020-4427

CVE.ORG link : CVE-2020-4427

JSON object : View

Products Affected

ibm

data_risk_manager

CWE

NVD-CWE-noinfo

{"id": "CVE-2020-4427", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 9.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.2}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2020-05-07T20:15:12.627", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/180532", "tags": ["VDB Entry", "Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://www.ibm.com/support/pages/node/6206875", "tags": ["Patch", "Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/180532", "tags": ["VDB Entry", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.ibm.com/support/pages/node/6206875", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532."}, {"lang": "es", "value": "IBM Data Risk Manager versiones 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5 y 2.0.6, podr\u00edan permitir a un atacante remoto omitir las restricciones de seguridad cuando se configura con la autenticaci\u00f3n SAML. Al enviar una petici\u00f3n HTTP especialmente dise\u00f1ada, un atacante podr\u00eda explotar esta vulnerabilidad para omitir el proceso de autenticaci\u00f3n y conseguir acceso administrativo total al sistema. ID de IBM X-Force: 180532."}], "lastModified": "2024-11-21T05:32:43.573", "cisaActionDue": "2022-05-03", "cisaExploitAdd": "2021-11-03", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:data_risk_manager:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E491FEB4-827A-4C7C-B90A-AF9E5E72B9B9"}, {"criteria": "cpe:2.3:a:ibm:data_risk_manager:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22F3EF7A-0645-4821-9D75-87B500478A7E"}, {"criteria": "cpe:2.3:a:ibm:data_risk_manager:2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DD31D17-ACF4-49D3-A5A0-F73E83146C8D"}, {"criteria": "cpe:2.3:a:ibm:data_risk_manager:2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD53C404-F977-4538-8876-4270393D0F10"}, {"criteria": "cpe:2.3:a:ibm:data_risk_manager:2.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA8E383F-6B15-49BD-964E-D222B7FC3678"}, {"criteria": "cpe:2.3:a:ibm:data_risk_manager:2.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABC3DA11-F5CE-41A9-8AD6-8D876D4C6CF2"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "IBM Data Risk Manager Security Bypass Vulnerability"}