CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
47.7%
WebSphere Application Server is shipped as a component of IBM Business Automation Workflow, IBM Business Process Manager, and WebSphere Enterprise Service Bus. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Business Automation Workflow | V20.0 |
V19.0 | |
V18.0 | |
IBM Business Process Manager | V8.6 |
V8.5 | |
V8.0 | |
WebSphere Enterprise Service Bus | All |
WebSphere Enterprise Service Bus Registry Edition | All |
For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.
Please consult the Security Bulletin: WebSphere Application Server is vulnerable to an information exposure vulnerability (CVE-2020-4643) for vulnerability details and information about fixes.
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | websphere_enterprise_service_bus | any | cpe:2.3:a:ibm:websphere_enterprise_service_bus:any:*:*:*:registry:*:*:* |
ibm | business_process_manager_enterprise_service_bus | 8.6.0.0 | cpe:2.3:a:ibm:business_process_manager_enterprise_service_bus:8.6.0.0:*:*:*:*:*:*:* |
ibm | business_process_manager | 8.6.0. | cpe:2.3:a:ibm:business_process_manager:8.6.0.:*:*:*:*:*:*:* |
ibm | business_process_manager | 201803 | cpe:2.3:a:ibm:business_process_manager:201803:*:*:*:*:*:*:* |
ibm | business_process_manager | 201712 | cpe:2.3:a:ibm:business_process_manager:201712:*:*:*:*:*:*:* |
ibm | business_process_manager | 8.6 | cpe:2.3:a:ibm:business_process_manager:8.6:*:*:*:*:*:*:* |
ibm | websphere_enterprise_service_bus | 7.5.1.2 | cpe:2.3:a:ibm:websphere_enterprise_service_bus:7.5.1.2:*:*:*:*:*:*:* |
ibm | websphere_enterprise_service_bus | 7.5.1.1 | cpe:2.3:a:ibm:websphere_enterprise_service_bus:7.5.1.1:*:*:*:*:*:*:* |
ibm | websphere_enterprise_service_bus | 7.5.1 | cpe:2.3:a:ibm:websphere_enterprise_service_bus:7.5.1:*:*:*:*:*:*:* |
ibm | websphere_enterprise_service_bus | 7.5.0.1 | cpe:2.3:a:ibm:websphere_enterprise_service_bus:7.5.0.1:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
47.7%