CVE-2020-4427 PoC — IBM Data Risk Manager 授权问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-4427.yaml

Associated Vulnerability

Title:IBM Data Risk Manager 授权问题漏洞 (CVE-2020-4427)
Description:IBM Data Risk Manager是美国IBM公司的一款数据风险管理器。该产品支持发现、分析和可视化业务风险数据等。 IBM Data Risk Manager中存在授权问题漏洞。当配置有SAML身份验证时，攻击者可通过发送特制的HTTP请求利用该漏洞绕过身份验证过程并获得系统的所有权限。以下产品及版本受到影响：IBM Data Risk Manager 2.0.1版本，2.0.2版本，2.0.3版本，2.0.4版本，2.0.5版本，2.0.6版本。

Description

IBM Data Risk Manager versions 2.0.1 through 2.0.6 are vulnerable to authentication bypass when configured with SAML authentication. A remote attacker can bypass security restrictions by sending a specially crafted HTTP request to the SAML idpSelection endpoint, allowing them to bypass the authentication process and gain full administrative access to the system.

File Snapshot


 id: CVE-2020-4427

info:
  name: IBM Data Risk Manager - Authentication Bypass via SAML
  author: ri

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!