Lucene search
IBM68EE307C60992B9D768F3D8F3AF57FE7AFFF0AF21ABDACD3EEE5703A1310461DHistoryApr 28, 2021 - 10:00 p.m.
Security Bulletin: WebSphere Application Server Traditional, which is bundled with IBM Cloud Pak for Applications, is vulnerable to an XML External Entity (XXE) Injection vulnerability (CVE-2021-20454)
2021-04-2822:00:31
www.ibm.com
11
websphere
ibm cloud pak
xxe injection
EPSS
0.002
Percentile
59.9%
Summary
WebSphere Application Server Traditional, which is bundled with IBM Cloud Pak for Applications, is vulnerable to an XML External Entity (XXE) Injection vulnerability (CVE-2021-20454)
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Principal Affected Product(s) and Versions(s) | Supporting Affected Product(s) and Version(s) |
|---|---|
| IBM Cloud Pak for Applications, all |
WebSphere Application Server, Traditional
- 9
- 8.5
- 8
- 7
Remediation/Fixes
Please consult the following security bulletin for vulnerability details and information about fixes:
Workarounds and Mitigations
None
Related
ibm
ibm
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server used by IBM Rational ClearQuest (CVE-2021-20454)
2021-09-29 12:26:12
cvelist
cvelist
CVE-2021-20454
2021-04-21 12:05:20
cve
cve
CVE-2021-20454
2021-04-21 12:15:08
prion
prion
Xxe
2021-04-21 12:15:00
nvd
nvd
CVE-2021-20454
2021-04-21 12:15:08
d0znpp
d0znpp
A4: XML External Entities (XXE) βοΈβββTop 10 OWASP 2017
2021-09-14 13:09:18
EPSS
0.002
Percentile
59.9%
Related for 68EE307C60992B9D768F3D8F3AF57FE7AFFF0AF21ABDACD3EEE5703A1310461D