Lucene search
IBMCE7B09FDAB4AD52C4D2DF48D876D11F77AB8D075D2126DF86BCFAB3FD1F6D522HistoryMar 16, 2021 - 8:01 p.m.
Security Bulletin: IBM Security Directory Suite is affected by a vulnerability (CVE-2020-4329)
2021-03-1620:01:45
www.ibm.com
16
ibm
security directory suite
vulnerability
remote
attackers
sensitive information
parameter checking
websphere application server
affected versions
cve-2020-4329
EPSS
0.001
Percentile
32.8%
Summary
IBM Security Directory Suite (SDS VA) has addressed the following vulnerability due to remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking.
Vulnerability Details
CVEID:CVE-2020-4329
**DESCRIPTION:**IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/177841 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| SDS VA | 8.0.1 |
Remediation/Fixes
| Product | VRMF | Remediation |
|---|---|---|
| IBM Security Directory Suite | 8.0.1.15 | 8.0.1.15-ISS-ISDS_20210108-0043 |
Workarounds and Mitigations
None
Related
ibm
ibm
Security Bulletin: WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to CVE-2020-4329
2020-07-21 15:57:58
cve
cve
CVE-2020-4329
2020-04-28 14:15:14
prion
prion
Design/Logic Flaw
2020-04-28 14:15:00
cvelist
cvelist
CVE-2020-4329
2020-04-28 13:30:15
nvd
nvd
CVE-2020-4329
2020-04-28 14:15:14
nessus
nessus
redhat
redhat
(RHSA-2020:2054) Important: Open Liberty 20.0.0.5 Runtime security update
2020-05-11 13:29:28
EPSS
0.001
Percentile
32.8%
Related for CE7B09FDAB4AD52C4D2DF48D876D11F77AB8D075D2126DF86BCFAB3FD1F6D522