IBME7E5E28DAD8F6052253165640BCA45A2530D0B56CEAE9377CBCB1A8915962EDESecurity Bulletin: A security vulnerability has been identified in embedded IBM WebSphere Application Server, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2021-20454)
0.002 Low
EPSS
Percentile
60.0%
Summary
Embedded IBM WebSphere Application Server is shipped with IBM Tivoli Network Manager version 4.2.0,4.1.1 and 3.9. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| ITNM | 3.9 |
| ITNM | 4.1.1.x |
| ITNM | 4.2.0.x |
Remediation/Fixes
| Affected Product(s) | Version(s) | Remediation |
|---|---|---|
| ITNM | 4.2.0.x |
WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability
See section: For V8.5.0.0 through 8.5.5.19:
ITNM| 4.1.1.x|
WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability
See section: For V8.5.0.0 through 8.5.5.19:
ITNM| 3.9.x|
WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability
See section: For V8.5.0.0 through 8.5.5.19:
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| tivoli network manager ip edition | eq | 3.9 | |
| tivoli network manager ip edition | eq | 4.1.1 |
Related
0.002 Low
EPSS
Percentile
60.0%