Description

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.

Remediation

References

CVE-2020-4499

Related Vulnerabilities

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.8.7)

MediaWiki CVE-2019-12472 Vulnerability (CVE-2019-12472)

Oracle Database Server CVE-2006-0258 Vulnerability (CVE-2006-0258)

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)

Ruby on Rails Use of Externally-Controlled Format String Vulnerability (CVE-2013-4389)

Severity

Critical

Classification

CVE-2020-4499 CWE-862 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities