CVE-2019-4150
First published: Tue Jun 25 2019(Updated: )
IBM Security Access Manager 9.0.1 through 9.0.6 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-Force ID: 158510.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Access Manager | >=9.0.1<=9.0.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for IBM Security Access Manager?
The vulnerability ID for IBM Security Access Manager is CVE-2019-4150.
What is the severity of CVE-2019-4150?
The severity of CVE-2019-4150 is medium, with a severity value of 3.7.
What is the affected software for CVE-2019-4150?
The affected software for CVE-2019-4150 is IBM Security Access Manager version 9.0.1 through 9.0.6.
What is the description of CVE-2019-4150?
CVE-2019-4150 refers to a vulnerability in IBM Security Access Manager where it does not validate or incorrectly validates a certificate, allowing an attacker to perform a man-in-the-middle (MITM) attack.
How can I fix CVE-2019-4150?
To fix CVE-2019-4150, it is recommended to upgrade to a version of IBM Security Access Manager that properly validates certificates.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/remedy
- agent/description
- agent/tags
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- vendor/ibm
- canonical/ibm security access manager
- version/ibm security access manager/9.0.1
- version/ibm security access manager/9.0.6