How severe is CVE-2020-4499?

High severity. CVSS v3 base score is 7.3 out of 10.

Vulnerability in Ibm Security Access Manager

CVE-2020-4499

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.

EPSS: 0.004 (60.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.0/I:L/UI:N/AC:L/PR:N/AV:N/C:L/S:U/A:L/RC:C/E:U/RL:O.

Affected products

Ibm Security Access Manager — versions 9.0.7
Ibm Security Verify Access — versions 10.0.0

References

www.ibm.com/support/pages/node/6348046 (x_refsource_CONFIRM)
ibm-sam-cve20204499-sec-bypass (182216) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2020-4499?: CVE-2020-4499 is a high-severity vulnerability in Ibm Security Access Manager. CVSS score: 7.3/10. Published 2020-10-15.
How severe is CVE-2020-4499?: High severity. CVSS v3 base score is 7.3 out of 10.