Lucene search

CVE-2021-20480

🗓️ 08 Apr 2021 13:13:15Reported by ibmType

cve🔗 web.nvd.nist.gov👁 62 Views🌐 6 Media mentions

IBM WebSphere App Server 7.0/8.0/8.5 SSRF Vulnerabilit

Reporter	Title	Published	Views	Family All 39
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Business Service Manager (CVE-2021-20480)	15 Jun 202116:10	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been fixed in IBM Security Identity Manager Virtual Appliance(CVE-2021-20480)	31 Aug 202121:39	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to a Server-side Request Forgery vulnerability (CVE-2021-20480)	14 Jul 202116:11	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2021-20480)	13 Apr 202104:39	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2021-20480)	22 Apr 202116:58	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in embedded IBM WebSphere Application Server which is shipped with IBM Tivoli Netcool Configuration Manager (CVE-2021-20480)	28 Jun 202113:20	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2021-20480)	9 Apr 202107:41	–	ibm
IBM Security Bulletins	Security Bulletin: Embedded WebSphere Application Server is vulnerable to Server-side Request Forgery and affects Content Collector for Email	1 Jun 202116:06	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management	27 Apr 202210:23	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, is vulnerable to a Server-side Request Forgery vulnerability (CVE-2021-20480)	19 Apr 202117:47	–	ibm

Nvd

Vulners

Node

ibm websphere_application_serverRange7.0.0.0–7.0.0.45

ibm websphere_application_serverRange8.0.0.0–8.0.0.15

ibm websphere_application_serverRange8.5.0.0–8.5.5.19

AND

hp hp-uxMatch-

ibm aixMatch-

ibm iMatch-

ibm z\/osMatch-

linux linux_kernelMatch-

microsoft windowsMatch-

oracle solarisMatch--

[
  {
    "product": "WebSphere Application Server",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "8.0"
      },
      {
        "status": "affected",
        "version": "8.5"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/197502
ibm	www.ibm.com/support/pages/node/6441063

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Apr 2021 13:15Current

6.3Medium risk

Vulners AI Score6.3

CVSS24

CVSS34.3 - 6.5

EPSS0.001

CWE-918