Lucene search

K
ibmIBM4CF0D5F5C6782C9B3BFB2BC5CA98BEB2B630DFFA31F97048D31D11C98A091F81
HistoryJun 02, 2021 - 7:47 p.m.

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2021-20492)

2021-06-0219:47:04
www.ibm.com
6

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.002 Low

EPSS

Percentile

50.1%

Summary

WebSphere Application Server is shipped with WebSphere Remote Server. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
IBM WebSphere Remote Server - Product Family 9.0, 8.5

Remediation/Fixes

Principal Product and Version(s) |

Affected Supporting Product and Version

|

Affected Supporting Product Security Bulletin

—|—|—

WebSphere Remote Server 9.0, 8.5

|

WebSphere Application Server 9.0, 8.5, 8.0

|

WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2021-20492)

Workarounds and Mitigations

None

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.002 Low

EPSS

Percentile

50.1%

Related for 4CF0D5F5C6782C9B3BFB2BC5CA98BEB2B630DFFA31F97048D31D11C98A091F81