Medium Severity

Security Bulletin: IBM Security Access Manager is vulnerable to a bypass security vulnerability (CVE-2020-4461)

A bypass security vulnerability was fixed in IBM Security Access Manager 9.0.7.1.

Affected product(s) and affected version(s):

Affected Product(s) | Version(s)
ISAM | 9.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6211847
