Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (SKLM) (CVE-2020-5258)

Summary

WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager (SKLM). Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Security Key Lifecycle Manager (SKLM) v2.7 | WebSphere Application Server v9.0.0.1
IBM Security Key Lifecycle Manager (SKLM) v3.0 | WebSphere Application Server v9.0.0.5
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | WebSphere Application Server v9.0.0.5
IBM Security Key Lifecycle Manager (SKLM) v4.0 | WebSphere Application Server v9.0.5.0
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1 | WebSphere Application Server v9.0.5.5

Remediation/Fixes

Please consult the Security Bulletin: Information disclosure in WebSphere Application Server Admin Console (CVE-2020-5258) for vulnerability details and information about fixes.

Workarounds and Mitigations

None