Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2020-4499

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.

  • Published: Oct 15, 2020
  • Updated: Apr 14, 2023
  • CVE: CVE-2020-4499
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
ibm / security_verify_access 10.0.0 10.0.0.1
ibm / security_access_manager 9.0.7.0 9.0.7.2