Lucene search

K

IBM7B05B840ACCC17A8D2E2D9B0FD2D6480FB03A9408D40E605B8310E82A4503F00

HistoryOct 14, 2020 - 8:48 p.m.

Security Bulletin: IBM Security Guardium is affected by a jackson-databind vulnerability

2020-10-1420:48:36

www.ibm.com

23

ibm security guardium

cve-2020-8840

vulnerability

EPSS

0.03

Percentile

91.0%

Summary

IBM Security Guardium has fixed this vulnerability

Vulnerability Details

CVEID:CVE-2020-8840
**DESCRIPTION:**An unspecified error with the lack of certain xbean-reflect/JNDI blocking in FasterXML jackson-databind has an unknown impact and attack vector.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/176241 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Security Guardium	11.1

Remediation/Fixes

Product	Versions	Fix
IBM Security Guardium	11.1	http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Secur…

Workarounds and Mitigations

None

EPSS

0.03

Percentile

91.0%

Related for 7B05B840ACCC17A8D2E2D9B0FD2D6480FB03A9408D40E605B8310E82A4503F00

githubexploit3 ibm37 osv6 veracode1 cvelist1 f51 cve1 github1 huawei2 ubuntucve1 debiancve1 nessus12 redhatcve1 nvd1 prion1 debian1 openvas3 attackerkb1 checkpoint_advisories1 redhat16 rocky1 mageia1 ubuntu1 hp1 oracle2