EUVD-2020-25609

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM WebSphere Application Server has a privilege escalation vulnerability in token-based authentication.

Reporter	Title	Published	Views	Family All 42
IBM Security Bulletins	Security Bulletin: Privilege Escalation Vulnerability in WebSphere Application Server shipped with IBM WebSphere Application Server Patterns (CVE-2020-4362)	10 Apr 202016:50	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server and IBM WebSphere Application Server used in IBM WebSphere Application Server in IBM Cloud	16 Jun 202013:32	–	ibm
IBM Security Bulletins	Security Bulletin: Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2020-4362)	9 Jun 202021:47	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM StoredIQ for Legal	4 Mar 202109:24	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to Privilege Escalation Vulnerability (CVE-2020-4362)	26 Jun 202006:18	–	ibm
IBM Security Bulletins	Security Bulletin: Content Collector for Email is affected by a embedded WebSphere Application Server is vulnerable to a privilege escalation vulnerability	6 Aug 202017:16	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager (CVE-2020-4362)	14 Jul 202014:49	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager IP Edition (CVE-2020-4362)	24 Aug 202012:25	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with Tivoli Access Manager for e-business	7 Oct 202021:32	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerability is identified in the WebSphere Application Server where the Rational Asset Manager is deployed (CVE-2020-4362)	27 Apr 202013:41	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "fb7a121d-8cd8-3eb1-9fa7-261eb99bf602",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "30392deb-b3f0-3b1c-8a65-6203779a27c1",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "9.0"
      },
      {
        "id": "3994f221-9f2a-3a84-bbb8-6c609eb5484a",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.0"
      },
      {
        "id": "66a37a22-367e-3208-9c7f-e85c949b246c",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "7.0"
      },
      {
        "id": "7eac82b3-41e9-3618-ab9d-03d864bdf7da",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.5"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/6174417
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/178929
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.6High risk

Vulners AI Score7.6

CVSS 37.5

CVSS 26.5

CVSS 3.18.8

EPSS0.00505