CVE-2020-4427: IBM Data Risk Manager Security Bypass Vulnerability. IBM
IBM Data Risk Manager Security Bypass Vulnerability. IBM Data Risk Manager contains a security bypass vulnerability that could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system.
- CISA KEV-listed (remediation due 2022-05-03)
- EPSS 92.7% (99.8% percentile)