CVE-2020-4421

Summary

IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another users identify. IBM X-Force ID: 180084.

Affected Software

VendorProductVersion RangeStatus
IBMWebSphere Application Server Liberty20.0.0.4affected
IBMWebSphere Application Server Liberty19.0.0.5affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References