cbcvebase.
CVE-2020-4461
published 2020-05-20

CVE-2020-4461: IBM Security Access Manager Appliance 9.0.7.1 could allow an authenticated user to bypass security by allowing id_token claims manipulation without…

medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
IBM Security Access Manager Appliance 9.0.7.1 could allow an authenticated user to bypass security by allowing id_token claims manipulation without verification. IBM X-Force ID: 181481.

Affected

2 ranges
VendorProductVersion rangeFixed in
ibmsecurity_access_manager>= 9.0 < 9.0.7.19.0.7.1
ibmsecurity_access_manager_appliance