CVE-2020-4499
published 2020-10-15CVE-2020-4499: IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | security_access_manager | — | — |
| ibm | security_access_manager | >= 9.0.7.0 < 9.0.7.2 | 9.0.7.2 |
| ibm | security_verify_access | — | — |
| ibm | security_verify_access | >= 10.0.0 < 10.0.0.1 | 10.0.0.1 |