Security Bulletin: Security vulnerability are identified in WebSphere Application Server where Rational Asset Manager is deployed (CVE-2020-4329)


## Summary In the WebSphere Application Server (WAS) admin console where the Rational Asset Manager (RAM) is deployed, allowing a remote attacker obtaining sensitive information caused by improper parameter checking is observed. Information about this security vulnerability affecting WebSphere Application Server is published in the respective security bulletin. ## Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section ## Affected Products and Versions IBM Rational Asset Manager 7.5 .1, 7.5.2.x, 7.5.3.x, and 7.5.4. **NOTE:** Rational Asset Manager 7.5.2 and later versions does not support embedded WebSphere Application Server. ## Remediation/Fixes Refer to the following security bulletin for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS). ** Affected Supporting Product**| ** Affected Supporting Product Security Bulletin** ---|--- IBM WebSphere Application Server Version 7.0, 8.0, 8.5, and 9.0.| [Security Bulletin: Information disclosure in WebSphere Application Server (CVE-2020-4329)](<https://www.ibm.com/support/pages/security-bulletin-information-disclosure-websphere-application-server-cve-2020-4329> "Security Bulletin: Information disclosure in WebSphere Application Server \(CVE-2020-4329\)" ) ## Workarounds and Mitigations None ##

Affected Software

CPE Name Name Version
rational asset manager 7.5
rational asset manager 7.5.1
rational asset manager 7.5.3.
rational asset manager 7.5.4.