Description

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.

Remediation

References

CVE-2020-4499

Related Vulnerabilities

WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13136)

WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.5.54)

WordPress Plugin Site Offline Or Coming Soon Or Maintenance Mode Security Bypass (1.5.2)

WordPress Plugin Indieweb Post Kinds Cross-Site Scripting (1.3.1)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-6514)

Severity

Critical

Classification

CVE-2020-4499 CWE-862 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities