Path traversal in IBM Data Risk Manager

#VU27082 Path traversal in IBM Data Risk Manager

Published: 2020-04-22 | Updated: 2020-05-05

Vulnerability identifier: #VU27082

Vulnerability risk: Low

CVSSv3.1: 2.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C]

CVE-ID: CVE-2020-4427

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
IBM Data Risk Manager
Web applications / Other software

Vendor: IBM Corporation

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within the "/albatross/eurekaservice/fetchLogFiles" API. A remote authenticated user can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

IBM Data Risk Manager: 2.0.2 - 2.0.3

External links
http://www.ibm.com/support/pages/node/6195705
http://seclists.org/fulldisclosure/2020/Apr/33

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Data Risk Manager