CVE-2020-4430
Published: 07 May 2020
Summary
CVE-2020-4430 is a medium-severity Path Traversal (CWE-22) vulnerability in IBM Data Risk Manager, with a CVSS base score of 4.3 (Medium).
Operationally, it ranks in the top 0.7% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
IBM Data Risk Manager versions 2.0.1, 2.0.2, 2.0.3, and 2.0.4 contain a directory traversal vulnerability tracked as CVE-2020-4430 and classified as CWE-22. The flaw permits a remote authenticated attacker to submit a specially crafted URL that traverses directories and downloads arbitrary files from the underlying system. It received a CVSS v3.1 base score of 4.3, reflecting a network attack vector, low attack complexity, and an impact limited to confidentiality.
An authenticated remote attacker exploits the issue by sending crafted URL requests to the affected application, retrieving files stored outside the intended web-accessible directories; no user interaction is required.
IBM has published an advisory at https://www.ibm.com/support/pages/node/6206875 addressing the vulnerability, and additional details appear in X-Force and full-disclosure mailing list references.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-25677
Vulnerability details
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to download arbitrary files from the system. IBM X-Force ID: 180535.
- CWE(s): CWE-22 (Path Traversal)
- KEV Date Added: 03 November 2021
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls (NIST 800-53 r5)
- AC-3 (Access Enforcement): enforces access control policies to block unauthorized retrieval of files outside intended directories via crafted URL requests.
- SI-10 (Information Input Validation): validates URL inputs to reject path traversal sequences (../) that enable arbitrary file downloads.
- Enforces information flow rules to stop unauthorized exfiltration of files from restricted system paths.
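Added example (not from IBM's advisory or this page): the input-validation and access-enforcement controls above, implemented in Python for a hypothetical file-download endpoint. `resolve_download` decodes a requested name, canonicalizes it and refuses anything that resolves outside a base directory, and `flag_traversal_requests` scans constructed access-log lines for decoded `../` sequences as a hunting check; `DOWNLOAD_ROOT`, the `/download?file=` endpoint and the log lines are assumptions, since the advisory does not disclose the product's real paths.

```python
import os
import urllib.parse
from typing import Optional

# Base directory and endpoint names are constructed for this example; the
# advisory does not disclose the product's real file paths.
DOWNLOAD_ROOT = "/srv/app/downloads"

def _decode(value: str) -> str:
    """URL-decode twice so single- and double-encoded '../' both surface."""
    return urllib.parse.unquote(urllib.parse.unquote(value))

def resolve_download(requested: str, base_dir: str = DOWNLOAD_ROOT) -> Optional[str]:
    """Map a user-supplied file name to a canonical path strictly inside
    base_dir; return None when the request would escape it (CWE-22).
    Decode first, then check containment on the canonical (realpath) form,
    never on the raw string."""
    decoded = _decode(requested)
    if not decoded or "\x00" in decoded or os.path.isabs(decoded):
        return None
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, decoded))
    # The candidate must sit below base; base itself is not a downloadable file.
    if not candidate.startswith(base + os.sep):
        return None
    return candidate

def flag_traversal_requests(log_lines):
    """Return (client_ip, decoded_request_path) for access-log entries whose
    request path, once decoded, still contains a parent-directory reference;
    a hunting check for crafted URLs of the kind the advisory describes."""
    hits = []
    for line in log_lines:
        parts = line.split('"')
        if len(parts) < 2 or len(parts[1].split()) < 2:
            continue
        path = _decode(parts[1].split()[1])
        if "../" in path or "..\\" in path:
            hits.append((line.split()[0], path))
    return hits

# Constructed access-log lines (Common Log Format) for the detection check.
SAMPLE_ACCESS_LOG = [
    '10.0.0.5 - - [07/May/2020:10:00:01 +0000] "GET /download?file=reports%2Fq1.pdf HTTP/1.1" 200 5120',
    '10.0.0.9 - - [07/May/2020:10:00:07 +0000] "GET /download?file=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1802',
    '10.0.0.9 - - [07/May/2020:10:00:09 +0000] "GET /download?file=%252e%252e%252fconfig.xml HTTP/1.1" 200 902',
]
```

The containment check runs on the resolved path rather than on the raw string, so encoded, double-encoded and mixed-separator variants of `../` are all rejected by the same test.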