Lucene search
IBM0D6ACB283C4ACCB18C41A89032283CB429253B93806A36FB513E94FB8D46F6A1HistoryOct 28, 2020 - 5:40 p.m.
Security Bulletin: Embedded WebSphere Application Server traditional is vulnerable to a remote code execution vulnerability affects Content Collector for Email
2020-10-2817:40:35
www.ibm.com
13
ibm
websphere application server
remote code execution
content collector for email
vulnerability
serialization
untrusted sources
EPSS
0.007
Percentile
79.5%
Summary
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.
Vulnerability Details
CVEID:CVE-2020-4589
**DESCRIPTION:**IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/184585 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| Content Collector for Email | 4.0.0 |
| Content Collector for Email | 4.0.x |
Remediation/Fixes
| Product | VRM | Remediation |
|---|---|---|
| Content Collector for Email | 4.0.1 | Use Content Collector for Email 4.0.1.9 Interim Fix IF007 |
Workarounds and Mitigations
None
Related
prion
prion
Code injection
2020-08-13 12:15:00
ibm
ibm
cve
cve
CVE-2020-4589
2020-08-13 12:15:25
nessus
nessus
cvelist
cvelist
CVE-2020-4589
2020-08-13 11:50:13
nvd
nvd
CVE-2020-4589
2020-08-13 12:15:25
EPSS
0.007
Percentile
79.5%
Related for 0D6ACB283C4ACCB18C41A89032283CB429253B93806A36FB513E94FB8D46F6A1