Security Bulletin: WebSphere Application Server shipped with IBM WebSphere Application Server Patterns is vulnerable to a server-side request forgery vulnerability (CVE-2020-4365)

Summary

WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Principal Product and Version(s)

|

Affected Supporting Product and Version

—|—
WebSphere Application Server Patterns, all versions| WebSphere Application Server:

• 8.5

Remediation/Fixes

Please consult the following security bulletin for vulnerability details and information about fixes

• WebSphere Application Server is vulnerable to a server-side request forgery vulnerability (CVE-2020-4365)

Workarounds and Mitigations

None