Description

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.

Remediation

References

CVE-2020-4499

Related Vulnerabilities

WordPress Plugin Custom 404 Pro Cross-Site Scripting (3.2.8)

WordPress Plugin RAYS Grid Cross-Site Request Forgery (1.2.2)

Resin Application Server Other Vulnerability (CVE-2012-2967)

WordPress 5.7 Multiple Vulnerabilities (5.7)

Apache HTTP Server Other Vulnerability (CVE-2001-0731)

Severity

Critical

Classification

CVE-2020-4499 CWE-862 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities