IBM6F785461AE7F76309B5F9A92C52C7133FF47DACA504C73AD4552ADB44C6232E6Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics Predictive Insights (CVE-2020-4629)
EPSS
Percentile
5.1%
Summary
Websphere Application Server (WAS) is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server vulnerability ( CVE-2020-4629 ) through exploiting access to FFDC logs file on the server has been published in a security bulletin.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Principal Product and Version(s) | Affected Supporting Product and Version(s) |
|---|---|
| IBM Operations Analytics Predictive Insights - All | Websphere Application Server 8.5 |
| IBM Operations Analytics Predictive Insights - All | Websphere Application Server 9.0 |
Remediation/Fixes
For more information and recommended solutions see the full details disclosed in the security bulletin: WebSphere Application Server is vulnerable to an information disclosure vulnerability (CVE-2020-4629)
In summary, details for Predictive Insights WebSphere only:
For WebSphere v9.0.0.0 through 9.0.5.5:
For more information and recommended solutions see the full details disclosed in the security bulletin: WebSphere Application Server is vulnerable to an information disclosure vulnerability (CVE-2020-4629)
For WebSphere v8.5.0.0 through 8.5.5.18:
For more information and recommended solutions see the full details disclosed in the security bulletin: WebSphere Application Server is vulnerable to an information disclosure vulnerability (CVE-2020-4629)
Workarounds and Mitigations
None
Related
