Lucene search
IBM1F51273B8F87F8B83694591AD29AC780AFD865B4FCD0BA2715AD1BECE0B7A556HistoryDec 15, 2020 - 12:35 p.m.
Security Bulletin: WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to cross-site scripting (CVE-2020-4578)
2020-12-1512:35:01
www.ibm.com
10
websphere application server
jazz for service management
cross-site scripting
cve-2020-4578
security bulletin
ibm
EPSS
0.001
Percentile
19.6%
Summary
WebSphere Application Server Admin Console is vulnerable to cross-site scripting. This has been addressed.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| Jazz for Service Management | 1.1.3 |
Remediation/Fixes
| Principal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin |
|---|---|---|
| Jazz for Service Management version 1.1.3 - 1.1.3.9 | Websphere Application Server Full Profile 8.5.5 | Security Bulletin: WebSphere Application Server Admin Console is vulnerable to cross-site scripting (CVE-2020-4578) |
| Jazz for Service Management version 1.1.3.7 - 1.1.3.9 |
Websphere Application Server Full Profile 9.0
Workarounds and Mitigations
Please refer to WAS interim fix.
Related
ibm
ibm
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics
2021-01-11 17:55:12
nessus
nessus
nvd
nvd
CVE-2020-4578
2020-09-10 17:15:33
cve
cve
CVE-2020-4578
2020-09-10 17:15:33
cvelist
cvelist
CVE-2020-4578
2020-09-10 16:50:13
prion
prion
Cross site scripting
2020-09-10 17:15:00
EPSS
0.001
Percentile
19.6%
Related for 1F51273B8F87F8B83694591AD29AC780AFD865B4FCD0BA2715AD1BECE0B7A556