Lucene search

IBMD1F4A6DDA0B5756E1496121D947598D8F21D0173838280618DBC9BDB9CC99F1E

HistoryOct 06, 2020 - 7:21 p.m.

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Security Directory Server

2020-10-0619:21:17

www.ibm.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Summary

IBM WebSphere Application Server (WAS) is shipped with IBM Security Directory Server (ISDS). Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in security bulletins.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Security Directory Server	6.4.0

Remediation/Fixes

Principal Product and Version(s)	Affected Supporting Product and Version(s)	Affected Supporting Product Security Bulletin
IBM Security Directory Server 6.4.0	WAS 8.5.5	Security Bulletin: Information Disclosure in WebSphere Application Server Traditional(CVE-2020-4643)

Security Bulletin: Information Disclosure in WebSphere Application Server(CVE-2020-4629)

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security directory servereq6.4.0

CPE	Name	Operator	Version
	ibm security directory server	eq	6.4.0

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Related for D1F4A6DDA0B5756E1496121D947598D8F21D0173838280618DBC9BDB9CC99F1E