CVE-2020-4427
Improper Authentication — is CVE-2020-4427real, exploitable, or a false positive? Here's the community ground truth.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532.
References
Published
Embed this verdict
[](https://www.truepositive.app/cve/CVE-2020-4427)<a href="https://www.truepositive.app/cve/CVE-2020-4427"><img src="https://www.truepositive.app/cve/CVE-2020-4427/badge.svg" alt="TruePositive verdict for CVE-2020-4427"></a>Live badge — updates automatically as the community verdict changes.
Community ground truth
Community verdict
2 verdictsIncludes TruePositive's curated baseline from public sources — community verdicts accrue on top.
Pick your verdict — we'll save it right after a quick sign-in.
In line with its CVSS base score.
Field notes & remediation
Verdicts are the quick signal — notes are the evidence and fixes behind them.
- 0
IBM Data Risk Manager Security Bypass Vulnerability — IBM Data Risk Manager contains a security bypass vulnerability that could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. Listed in the CISA KEV catalog (added 2021-11-03) — confirmed exploited in the wild, not theoretical. FIRST EPSS puts the chance of exploitation in the next 30 days at ~70%. Treat it as real and prioritize remediation over triage.
- 0
Required action for IBM Data Risk Manager: Apply updates per vendor instructions. CISA set a federal remediation due date of 2022-05-03. After patching, verify the vulnerable path is no longer reachable before closing the finding.
Related CVEs
Same weakness — CWE-287 · Improper Authentication.
- CVE-2023-35082CVSS 9.8KEVEPSS 100%
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.
- CVE-2023-35078CVSS 9.8KEVEPSS 100%
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.
- CVE-2017-7921CVSS 9.8KEVEPSS 100%
An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.
- CVE-2024-7593CVSS 9.8KEVEPSS 100%
Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
- CVE-2021-34523CVSS 9KEVEPSS 100%
Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2023-46805CVSS 8.2KEVEPSS 100%
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.