Multiplie vulnerabilities identified in IBM Security Verify Privilege Manager previously known as IBM Security Privilege Manager has been addressed in the release 11.0
CVEID:CVE-2020-4609
**DESCRIPTION:**IBM Security Sevret Server is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/184917 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:CVE-2020-4610
**DESCRIPTION:**IBM Security Secret Server could allow a local user to execute code due to improper integrity checks.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/184919 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
All versions of IBM Security Verify Privilege Manager prior to 11.0
Upgrade to the latest release available here.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm security secret server | eq | 10.8.2 |