IBM Data Risk Manager Insecure Default Password (CVE-2020-4429)

critical Nessus Plugin ID 181927

Synopsis

An administrative account on the remote host uses an insecure default password.

Description

The administrative account 'a3user' on the remote IBM Data Risk Manager (IDRM) virtual appliance has the default password 'idrm'. This user is allowed to login via SSH and run sudo commands. IDRM does not force or prompt the user for a reset of the default password upon login. An unauthenticated, remote attacker can exploit this vulnerability to login and execute arbitrary code on the system with root privileges.

Solution

Upgrade to IBM Data Risk Manager 2.0.6.1 Fixpack or later.

See Also

https://www.ibm.com/support/pages/node/6206875

https://exchange.xforce.ibmcloud.com/vulnerabilities/180534

Plugin Details

Severity: Critical

ID: 181927

File Name: ibm_data_risk_manager_CVE-2020-4429.nbin

Version: 1.54

Type: combined

Family: CGI abuses

Published: 9/27/2023

Updated: 12/6/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2020-4429

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:data_risk_manager

Required KB Items: installed_sw/IBM Data Risk Manager

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/12/2019

Vulnerability Publication Date: 5/7/2020

Exploitable With

Metasploit (IBM Data Risk Manager a3user Default Password)

Reference Information

CVE: CVE-2020-4429