Lucene search

K

IBMA526E5B5DE7AFBA5A1D88D49F2EAFA93385D7E78265B592E08CCB4FD613F5F18

HistoryMay 06, 2020 - 12:02 p.m.

Security Bulletin: Cross-site Scripting Vulnerability in Websphere Application Server liberty bundled with IBM Cloud Pak System (CVE-2019-4663)

2020-05-0612:02:05

www.ibm.com

18

EPSS

0.001

Percentile

19.6%

Summary

Vulnerability has been identified in the Websphere Liberty AdminCenter in WebSphere Application Server Liberty bundled with Cloud Pak System (CVE-2019-4663) . Cloud Pak System has released v2.3.2.0 with supports WebSphere Application Server Liberty 19.0.0.12. Information about vulnerability has been published in security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Principal Product and Affected Versions(s)	Affected Supporting Product and Version(s)

IBM Cloud Pak Systems All releases

|

WebSphere Application Server - Liberty

Remediation/Fixes

Cloud Pak System has released v2.3.2.0 with supports WebSphere Application Server Liberty 19.0.0.12.

Please consult the following security bulletin for vulnerability details and information about fixes

WebSphere Application Server Liberty is vulnerable to Cross-site Scripting (CVE-2019-4663)

Or

Upgrade to Cloud Pak System 2.3.2.0

Information on upgrading can be found here: <https://www.ibm.com/support/pages/node/887959>

Workarounds and Mitigations

None

EPSS

0.001

Percentile

19.6%

Related for A526E5B5DE7AFBA5A1D88D49F2EAFA93385D7E78265B592E08CCB4FD613F5F18

ibm22 cvelist1 prion1 cve1 nvd1 redhat1