EUVD-2020-25907

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM Security Access Manager and Verify Access are vulnerable to timing side channel attacks.

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been fixed in IBM Security Access Manager and IBM Security Verify Access (CVE-2020-4661, CVE-2020-4699, CVE-2020-4660)	8 Oct 202020:12	–	ibm
CNVD	IBM Security Access Manager and IBM Security Verify Access Information Disclosure Vulnerability (CNVD-2020-59033)	11 Oct 202000:00	–	cnvd
CNVD	IBM Security Access Manager and IBM Security Verify Access Information Disclosure Vulnerability (CNVD-2020-59034)	11 Oct 202000:00	–	cnvd
CNVD	IBM Security Access Manager and IBM Security Verify Access Information Disclosure Vulnerability	11 Oct 202000:00	–	cnvd
CVE	CVE-2020-4660	12 Oct 202013:05	–	cve
Cvelist	CVE-2020-4660	12 Oct 202013:05	–	cvelist
NCSC	Vulnerabilities fixed in IBM Security Access Manager	9 Oct 202000:00	–	ncsc
NVD	CVE-2020-4660	12 Oct 202013:15	–	nvd
Prion	Code injection	12 Oct 202013:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "76c94855-9332-3a69-af06-945966d39ab7",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "15113cb1-139e-38a9-bc8c-2dd30c70277b",
        "product": {
          "name": "Security Access Manager"
        },
        "product_version": "9.0.7"
      },
      {
        "id": "d3e82913-9720-3746-9289-2dcb5bf53519",
        "product": {
          "name": "Security Verify Access"
        },
        "product_version": "10.0.0"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/6346619
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/186140
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.5Medium risk

Vulners AI Score5.5

CVSS 35.3

CVSS 22.9

CVSS 3.15.3

EPSS0.00123