CVE-2020-4609

Published: Jun 25, 2021Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917.

Affected (1)

Products: Ibm: Security Verify Privilege Manager

1 product

Security Verify Privilege Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Security Verify Privilege Manager	Before 11.0

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/184917

Source: psirt@us.ibm.com

VDB Entry

https://www.ibm.com/support/pages/node/6467047

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/184917

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

https://www.ibm.com/support/pages/node/6467047

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.