Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMCDA54BB7AD19A45B935024FCB8EF9167D8CD70EA8D1DDC6ED448AA8AE94AD619
HistoryJan 11, 2021 - 5:55 p.m.

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics

2021-01-1117:55:12
www.ibm.com
13
ibm
websphere
operations analytics
predictive insights
security vulnerability
cross-site scripting
cve-2020-4578

EPSS

0.001

Percentile

19.6%

JSON

Summary

Websphere Application Server (WAS) is shipped as a component of IBM Operations Analytics Predictive Insights. Information about WebSphere Application Server traditional Admin Console cross-site scripting security vulnerability information disclosure ( CVE-2020-4578 ) has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Product and Version(s) Affected Supporting Product and Version(s)
IBM Operations Analytics Predictive Insights - All Websphere Application Server 8.5
IBM Operations Analytics Predictive Insights - All Websphere Application Server 9.0

Remediation/Fixes

For WebSphere v9.0.0.0 through 9.0.5.5:

For more information and recommended solutions see the full details disclosed in security bulletin: WebSphere Application Server Admin Console is vulnerable to cross-site scripting (CVE-2020-4578)

For WebSphere v8.5.0.0 through 8.5.5.17:

For more information and recommended solutions see the full details disclosed in security bulletin: WebSphere Application Server Admin Console is vulnerable to cross-site scripting (CVE-2020-4578)

Workarounds and Mitigations

None

Related

ibm 35
nessus 1
nvd 1
cve 1
cvelist 1
prion 1
ibm
ibm
Security Bulletin: WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to cross-site scripting (CVE-2020-4578)
2020-12-15 12:35:01
Security Bulletin: Embedded WebSphere Application Server Admin Console is vulnerable to cross-site scripting affects Content Collector for Email
2020-10-28 17:49:24
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2020-4578)
2020-09-21 17:15:07
nessus
nessus
IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.6 XSS (CVE-2020-4578)
2020-10-15 00:00:00
nvd
nvd
CVE-2020-4578
2020-09-10 17:15:33
cve
cve
CVE-2020-4578
2020-09-10 17:15:33
cvelist
cvelist
CVE-2020-4578
2020-09-10 16:50:13
prion
prion
Cross site scripting
2020-09-10 17:15:00

EPSS

0.001

Percentile

19.6%

JSON
Related for CDA54BB7AD19A45B935024FCB8EF9167D8CD70EA8D1DDC6ED448AA8AE94AD619
ibm35nessus1nvd1cve1cvelist1prion1