Lucene search

K
ibmIBM136047FB9A6CC775B21ED950DA844DE6E617DDB6DC4A2EFBDB0E599871DD5A00
HistoryJul 03, 2020 - 4:59 p.m.

Security Bulletin: A vulnerability in IBM WebSphere Application Server affects IBM Operations Analytics Predictive Insights (CVE-2020-4163)

2020-07-0316:59:45
www.ibm.com
8

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

Summary

Websphere Application Server (WAS) is shipped as a component of IBM Operations Analytics Predictive Insights. Information about a security vulnerability affecting WAS has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Principal Product and Version(s) Affected Supporting Product and Version
IBM Operations Analytics Predictive Insights v1.3.3 Websphere Application Server 8.5
IBM Operations Analytics Predictive Insights v1.3.5 Websphere Application Server 8.5
IBM Operations Analytics Predictive Insights v1.3.6 Websphere Application Server 8.5

Remediation/Fixes

Please consult the security bulletin WebSphere Application Server is vulnerable to a command execution vulnerability (CVE-2020-4163) for vulnerability details and information about fixes

Workarounds and Mitigations

None

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

Related for 136047FB9A6CC775B21ED950DA844DE6E617DDB6DC4A2EFBDB0E599871DD5A00