IBM

Four zero-day vulnerabilities impacted an IBM security product after the company refused to patch bugs following a private bug disclosure attempt.

The bugs impacted the IBM Data Risk Manager (IDRM).

It is an enterprise security tool that aggregates feeds from vulnerability scanning tools and other risk management tools to let admins investigate security issues.

The compromise of the product led to a full-scale company compromise, as the tool had credentials to access other security tools.

The tool also contained information about critical vulnerabilities that affect the company.

Source: https://www.zdnet.com/article/security-researcher-discloses-four-ibm-zero-days-after-company-refused-to-patch/

"id": "IBM162291222",
"linkid": "ibm",
"type": "Vulnerability",
"date": "04/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"