4 Zero-Day bugs were found in IBM’s security software

Researchers have found four zero-day bugs in IBM's security software.

The affected product is IBM Data Risk Manager (IDRM), a premium product designed to analyze an organization's sensitive business information assets and determine the associated risks. IBM Data Risk Manager contains three critical-severity vulnerabilities and one high-impact bug.

These can be exploited by an unauthenticated attacker with network access to the product, and when chained together they can lead to remote code execution as root. The reported issues include an authentication bypass, a command injection, an insecure default password and an arbitrary file download.

IBM Data Risk Manager versions 2.0.1 to 2.0.3 are not the most recent releases, but the flaws are also expected to work against 2.0.4 through the newest version, 2.0.6, because no change log mentions a fix for them. IDRM is used to manage and secure sensitive enterprise data, whose loss can cause huge damage to an organization.

The authentication bypass flaw exploits a logical error in the session ID feature to reset the password of any existing account. According to the vulnerability disclosure, the IDRM virtual appliance also ships with a built-in administrative user, username "a3user" with the default password "idrm", that can log in over SSH and run sudo commands; if left unchanged, it could let remote attackers take complete control of the targeted system.
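The built-in "a3user" account is a good candidate for a detection rule while the appliance is being patched and the default password rotated. The following is an added example written for this article, not IBM's or the researchers' code: it scans standard OpenSSH and sudo syslog lines for any SSH login or sudo escalation by that account, rating a login higher when it used password authentication or came from a host outside an assumed management allowlist. The log lines are constructed samples in the stock OpenSSH/sudo format; the allowlist address is an assumption.

```python
"""Detection pass over SSH and sudo auth-log lines for the IDRM appliance's
built-in administrative account (added example; not IBM's own tooling)."""
import re
from typing import Dict, Iterable, List

# Built-in administrative account named in the disclosure.
BUILTIN_ADMIN = "a3user"

# Standard OpenSSH "Accepted <method> for <user> from <ip> port <n>" syslog line.
SSH_ACCEPT_RE = re.compile(
    r"sshd\[\d+\]: Accepted (?P<method>\w+) for (?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)
# Standard sudo syslog line: "<user> : TTY=... ; PWD=... ; USER=<target> ; COMMAND=<cmd>".
SUDO_RE = re.compile(
    r"sudo:\s+(?P<user>\S+) : TTY=\S+ ; PWD=\S+ ; "
    r"USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.+)$"
)


def scan_auth_log(lines: Iterable[str],
                  admin_user: str = BUILTIN_ADMIN,
                  allowed_sources: Iterable[str] = ()) -> List[Dict[str, str]]:
    """Return one finding per line that shows the built-in admin account
    logging in over SSH or escalating with sudo. A password login, or a login
    from a source not in `allowed_sources` (management hosts), is rated higher."""
    allowed = set(allowed_sources)
    findings: List[Dict[str, str]] = []
    for line in lines:
        m = SSH_ACCEPT_RE.search(line)
        if m and m.group("user") == admin_user:
            severity = "medium"
            notes = [f"SSH login as built-in admin '{admin_user}' via {m.group('method')}"]
            if m.group("method") == "password":
                severity = "high"
                notes.append("password auth still enabled for this account")
            if m.group("src") not in allowed:
                severity = "critical"
                notes.append(f"source {m.group('src')} not in management allowlist")
            findings.append({"kind": "ssh_login", "severity": severity,
                             "src": m.group("src"), "reason": "; ".join(notes),
                             "line": line})
            continue
        m = SUDO_RE.search(line)
        if m and m.group("user") == admin_user:
            findings.append({"kind": "sudo", "severity": "high",
                             "target": m.group("target"),
                             "reason": f"'{admin_user}' ran {m.group('cmd').strip()} "
                                       f"as {m.group('target')}",
                             "line": line})
    return findings


def worst_severity(findings: List[Dict[str, str]]) -> str:
    """Highest severity among the findings, or 'none' when there are none."""
    order = {"medium": 1, "high": 2, "critical": 3}
    return max((f["severity"] for f in findings), key=order.get, default="none")


# Constructed sample log lines in the stock OpenSSH/sudo syslog format.
# 10.10.0.7 is the assumed management host; 203.0.113.9 is an outside address.
SAMPLE_LOG = [
    "Apr 21 10:02:11 idrm sshd[1201]: Accepted publickey for ops from 10.10.0.7 port 50122 ssh2",
    "Apr 21 10:05:43 idrm sshd[1244]: Accepted password for a3user from 203.0.113.9 port 41288 ssh2",
    "Apr 21 10:05:50 idrm sudo:   a3user : TTY=pts/0 ; PWD=/home/a3user ; USER=root ; COMMAND=/bin/bash",
    "Apr 21 10:06:02 idrm sshd[1244]: Failed password for a3user from 203.0.113.9 port 41288 ssh2",
]

if __name__ == "__main__":
    for f in scan_auth_log(SAMPLE_LOG, allowed_sources={"10.10.0.7"}):
        print(f["severity"].upper(), f["reason"])
```

Run against the sample, the scan reports the password login from the outside address as critical and the sudo-to-root shell as high, while the unrelated public-key login and the failed attempt produce no finding. In production the same pass runs over the appliance's forwarded auth log, and the allowlist holds the jump hosts from which administrators are expected to reach the appliance.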

Any software used for security must be kept updated and reviewed over time for bugs and vulnerabilities. Keeping a check on software will always keep the organization from losing money and sensitive information.

Use NPAV and join us on a mission to secure the cyber world.
