vulnerability
IBM WebSphere Application Server: CVE-2020-4163: WebSphere Application Server is vulnerable to a command execution vulnerability (CVE-2020-4163)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
6 | (AV:N/AC:M/Au:S/C:P/I:P/A:P) | Feb 4, 2020 | Feb 18, 2020 | Nov 26, 2024 |
Severity
6
CVSS
(AV:N/AC:M/Au:S/C:P/I:P/A:P)
Published
Feb 4, 2020
Added
Feb 18, 2020
Modified
Nov 26, 2024
Description
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as jsp content and executed. IBM X-Force ID: 174397.
Solution(s)
ibm-was-install-7-0-0-0-ph20785ibm-was-install-8-0-0-0-ph20785ibm-was-install-8-5-0-0-ph20785ibm-was-install-9-0-0-0-ph20785ibm-was-upgrade-8-5-0-0-8-5-5-17ibm-was-upgrade-9-0-0-0-9-0-5-3

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.