Description

IBM Security Access Manager 9.0.1 through 9.0.6 does not prove that a user's identity is correct which can lead to the exposure of resources or functionality to unintended actors. IBM X-Force ID: 158574.

Remediation

References

CVE-2019-4158

Related Vulnerabilities

Envoy Proxy Use After Free Vulnerability (CVE-2023-35943)

Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-44227)

WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.7)

Apache Tomcat Other Vulnerability (CVE-2011-1419)

WordPress Plugin Anti Plagiarism Cross-Site Scripting (3.60)

Severity

Medium

Classification

CVE-2019-4158 CWE-862 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities