CVE-2020-4629

🗓️ 30 Sep 2020 14:35:14Reported by ibmType

IBM WebSphere App Server 7.0-9.0 allows local user to obtain sensitive info. IBM X-Force ID: 185370

Reporter	Title	Published	Views	Family All 42
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in WebSphere Application Server affect Predictive Maintenance and Quality and Predictive Maintenance Insights	19 Oct 202015:09	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2020-4629)	1 Oct 202007:23	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2020-4629)	19 Mar 202108:24	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities identified in IBM WebSphere Application Server shipped with IBM WebSphere Service Registry and Repository (CVE-2020-4629 and CVE-2020-4576)	5 Oct 202018:04	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2020-4629)	27 Oct 202015:42	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere® Application Server shipped with IBM® Intelligent Operations Center (CVE-2020-4629)	20 Oct 202009:13	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2020-4629)	19 Mar 202108:30	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Rational ClearQuest	10 Dec 202006:45	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in embedded IBM WebSphere Application Server, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2020-4629)	19 Mar 202108:23	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere Application Server which is a component of IBM Cloud Pak for Applications is vulnerable to an information exposure vulnerability (CVE-2020-4629)	12 Oct 202016:58	–	ibm

NVD

Vulners

Node

ibm websphere_application_serverRange7.0.0.0–7.0.0.45

ibm websphere_application_serverRange7.0.0.0–7.0.0.45hypervisor

ibm websphere_application_serverRange8.0.0.0–8.0.0.15

ibm websphere_application_serverRange8.0.0.0–8.0.0.15hypervisor

ibm websphere_application_serverRange8.5.0.0–8.5.5.18

ibm websphere_application_serverRange8.5.0.0–8.5.5.18hypervisor

ibm websphere_application_serverRange9.0.0.0–9.0.5.5

ibm websphere_application_serverRange9.0.0.0–9.0.5.5hypervisor

AND

hp hp-uxMatch-

ibm aixMatch-

ibm iMatch-

ibm z/osMatch-

linux linux_kernelMatch-

microsoft windowsMatch-

oracle solarisMatch--

[
  {
    "product": "WebSphere Application Server",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "8.0"
      },
      {
        "status": "affected",
        "version": "8.5"
      },
      {
        "status": "affected",
        "version": "9.0"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/185370
ibm	www.ibm.com/support/pages/node/6339255

21 Nov 2024 05:33Current

3.4Low risk

Vulners AI Score3.4

CVSS 22.1

CVSS 3.13.3

CVSS 32.9

EPSS0.00041

CWE-209