CVE-2020-4429
Description
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Data Risk Manager versions 2.0.1 through 2.0.6 contain a default administrative password, allowing remote attackers to gain root access.
Vulnerability
IBM Data Risk Manager (IDRM) versions 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contain a default password for an IDRM administrative account [1]. This account is intended for initial setup but is not changed by default, leaving the system exposed.
Exploitation
A remote attacker with network access to the IDRM web interface can exploit this vulnerability by simply logging in with the known default administrative credentials. No authentication or user interaction is required. The attacker can then access the administrative console.
Impact
Successful exploitation grants the attacker full administrative access to the IDRM system with root privileges. This allows the attacker to execute arbitrary code, access sensitive data, and potentially compromise the entire underlying infrastructure [1].
Mitigation
IBM has released IDRM version 2.0.6.2 which fixes this issue [1]. Users should upgrade to 2.0.6.2 or later immediately. As a workaround, administrators can change the default password for the administrative account if upgrading is not immediately possible. No known KEV listing at this time.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <=2.0.6 >=2.0.1
- IBM/Data Risk Managerv5Range: 2.0.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/180534mitrevdb-entryx_refsource_XF
- www.ibm.com/support/pages/node/6206875mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.