CVE-2020-4661
First published: Thu Oct 08 2020(Updated: )
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the system. IBM X-Force ID: 186142.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Access Manager | =9.0.7.0 | |
| IBM Security Verify Access | =10.0.0 | |
| <=9.0.7 | ||
| <=10.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this security vulnerability?
The vulnerability ID of this security vulnerability is CVE-2020-4661.
What is the severity level of CVE-2020-4661?
The severity level of CVE-2020-4661 is medium.
How can this vulnerability be exploited?
This vulnerability can be exploited through timing side channel attacks.
Which IBM products are affected by CVE-2020-4661?
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are affected by CVE-2020-4661.
Is there a fix available for CVE-2020-4661?
Yes, IBM has provided a fix for CVE-2020-4661. Please refer to the IBM support page for more information.
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm security access manager
- version/ibm security access manager/9.0.7.0
- canonical/ibm security verify access
- version/ibm security verify access/10.0.0
- canonical/ibm isam
- version/ibm isam/9.0.7
- canonical/ibm isva
- version/ibm isva/10.0.0