CVE-2020-4427

CRITICAL KEV NUCLEI

IBM Data Risk Manager < 2.0.6.1 - Authentication Bypass

Title source: rule

Description

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532.

Exploits (2)

metasploit WORKING POC EXCELLENT
rubypoclinux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ibm_drm_rce.rb
metasploit WORKING POC
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/ibm_drm_download.rb

Nuclei Templates (1)

IBM Data Risk Manager - Authentication Bypass via SAML
CRITICALby ritikchaddha
Shodan: title:"IBM Data Risk Manager"

References (5)

Scores

CVSS v3 9.8
EPSS 0.9274
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2021-11-03
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2020-25674
CWE
CWE-287
Status published
Products (1)
ibm/data_risk_manager 2.0.1 - 2.0.6.1
Published May 07, 2020
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026