Lucene search
IBM1F51273B8F87F8B83694591AD29AC780AFD865B4FCD0BA2715AD1BECE0B7A556HistoryDec 15, 2020 - 12:35 p.m.
Security Bulletin: WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to cross-site scripting (CVE-2020-4578)
2020-12-1512:35:01
www.ibm.com
6
0.001 Low
EPSS
Percentile
19.8%
Summary
WebSphere Application Server Admin Console is vulnerable to cross-site scripting. This has been addressed.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| Jazz for Service Management | 1.1.3 |
Remediation/Fixes
| Principal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin |
|---|---|---|
| Jazz for Service Management version 1.1.3 - 1.1.3.9 | Websphere Application Server Full Profile 8.5.5 | Security Bulletin: WebSphere Application Server Admin Console is vulnerable to cross-site scripting (CVE-2020-4578) |
| Jazz for Service Management version 1.1.3.7 - 1.1.3.9 |
Websphere Application Server Full Profile 9.0
Workarounds and Mitigations
Please refer to WAS interim fix.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jazz for service management | eq | 1.1.3 |
Related
cve
cve
CVE-2020-4578
2020-09-10 17:15:33
nessus
nessus
ibm
ibm
Security Bulletin: A security vulnerability has been identified in WebSphereยฎ Application Server shipped with IBMยฎ Intelligent Operations Center CVE-2020-4578)
2020-09-11 09:09:02
nvd
nvd
CVE-2020-4578
2020-09-10 17:15:33
prion
prion
Cross site scripting
2020-09-10 17:15:00
cvelist
cvelist
CVE-2020-4578
2020-09-09 00:00:00
0.001 Low
EPSS
Percentile
19.8%
Related for 1F51273B8F87F8B83694591AD29AC780AFD865B4FCD0BA2715AD1BECE0B7A556