vulnerability

IBM WebSphere Application Server: CVE-2020-4163: WebSphere Application Server is vulnerable to a command execution vulnerability (CVE-2020-4163)

Severity
6
CVSS
(AV:N/AC:M/Au:S/C:P/I:P/A:P)
Published
Feb 4, 2020
Added
Feb 18, 2020
Modified
Nov 26, 2024

Description

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as jsp content and executed. IBM X-Force ID: 174397.

Solution(s)

ibm-was-install-7-0-0-0-ph20785ibm-was-install-8-0-0-0-ph20785ibm-was-install-8-5-0-0-ph20785ibm-was-install-9-0-0-0-ph20785ibm-was-upgrade-8-5-0-0-8-5-5-17ibm-was-upgrade-9-0-0-0-9-0-5-3
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.