📦 Data Risk Manager

CVE-2020-4427 is an authentication bypass vulnerability in IBM Data Risk Manager when configured with SAML authentication. A remote attacker can send a specially crafted HTTP request to bypass securit...

CVE-2020-4429 is a critical vulnerability in IBM Data Risk Manager where a default administrative password allows remote attackers to log in and execute arbitrary code with root privileges. It affects...

This vulnerability allows authenticated remote attackers to upload malicious files to IBM Data Risk Manager (iDNA) due to improper file extension validation. Successful exploitation could lead to arbi...

IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials that can be used for authentication, communication, or data encryption. This allows attackers to bypass security controls and potenti...

CVE-2020-4611 is an authentication bypass vulnerability in IBM Data Risk Manager (iDNA) that allows authenticated users to perform administrative actions without proper authorization. This affects org...

IBM Data Risk Manager 2.0.6 uses weak cryptographic algorithms that could allow attackers to decrypt sensitive information. This affects organizations using IBM iDNA 2.0.6 for data risk management. Th...

IBM Data Risk Manager (iDNA) 2.0.6 contains a cross-site request forgery (CSRF) vulnerability that allows attackers to trick authenticated users into performing unauthorized actions. This affects orga...