Description

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the system. IBM X-Force ID: 186947.

Remediation

References

CVE-2020-4699

Related Vulnerabilities

XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4641)

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6146)

WordPress Plugin Automated Editor Cross-Site Scripting (1.3)

Django Resource Management Errors Vulnerability (CVE-2015-2316)

WordPress Plugin Registrations for the Events Calendar-Event Registration SQL Injection (2.7.5)

Severity

Medium

Classification

CVE-2020-4699 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities