Lucene search

K
ibmIBMCE7B09FDAB4AD52C4D2DF48D876D11F77AB8D075D2126DF86BCFAB3FD1F6D522
HistoryMar 16, 2021 - 8:01 p.m.

Security Bulletin: IBM Security Directory Suite is affected by a vulnerability (CVE-2020-4329)

2021-03-1620:01:45
www.ibm.com
16
ibm
security directory suite
vulnerability
remote
attackers
sensitive information
parameter checking
websphere application server
affected versions
cve-2020-4329

EPSS

0.001

Percentile

32.8%

Summary

IBM Security Directory Suite (SDS VA) has addressed the following vulnerability due to remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking.

Vulnerability Details

CVEID:CVE-2020-4329
**DESCRIPTION:**IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/177841 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
SDS VA 8.0.1

Remediation/Fixes

Product VRMF Remediation
IBM Security Directory Suite 8.0.1.15 8.0.1.15-ISS-ISDS_20210108-0043

Workarounds and Mitigations

None

EPSS

0.001

Percentile

32.8%

Related for CE7B09FDAB4AD52C4D2DF48D876D11F77AB8D075D2126DF86BCFAB3FD1F6D522