module
IBM Data Risk Manager Unauthenticated Remote Code Execution
| Disclosed | Created |
|---|---|
| Apr 21, 2020 | May 5, 2020 |
Disclosed
Apr 21, 2020
Created
May 5, 2020
Description
IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by
an unauthenticated attacker to achieve remote code execution as root.
The first is an unauthenticated bypass, followed by a command injection as the server user,
and finally abuse of an insecure default password.
This module exploits all three vulnerabilities, giving the attacker a root shell.
At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM.
The authentication bypass works on versions versions
an unauthenticated attacker to achieve remote code execution as root.
The first is an unauthenticated bypass, followed by a command injection as the server user,
and finally abuse of an insecure default password.
This module exploits all three vulnerabilities, giving the attacker a root shell.
At the time of disclosure this was an 0day, but it was later confirmed and patched by IBM.
The authentication bypass works on versions versions
Author
Pedro Ribeiro [email protected]
Platform
Linux
Architectures
x86, x64
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.