CVE-2020-4430 - IBM Data Risk Manager Directory Traversal Vulnerability
Project:IBM
Product:Data Risk Manager
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
IBM Data Risk Manager Directory Traversal Vulnerability
Description
IBM Data Risk Manager contains a directory traversal vulnerability that could allow a remote authenticated attacker to traverse directories and send a specially crafted URL request to download arbitrary files from the system.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-4430