COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Data Risk Manager product

3
failure events
0
zero-days
1
RCEs
3
on KEV
0
critical
65
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2021-11-03 CVE-2020-4428 high ⚡RCE ⌖KEV 65 IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execute commands on the system.�
2021-11-03 CVE-2020-4430 high ⌖KEV 50 IBM Data Risk Manager contains a directory traversal vulnerability that could allow a remote authenticated attacker to traverse directories and send a specially crafted URL request to download arbitrary files from the system.
2021-11-03 CVE-2020-4427 high ⌖KEV 50 IBM Data Risk Manager contains a security bypass vulnerability that could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the auth