Security Bulletin: Multiple security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2020-4448, CVE-2020-4449 and CVE-2020-4450)

Summary

WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about security vulnerabilities affecting WebSphere Application Server have been published in security bulletins.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Principal Product and Version(s)

|

Affected Supporting Product and Version(s)

—|—
WebSphere Service Registry and Repository V8.5| WebSphere Application Server V8.5.5
WebSphere Service Registry and Repository V8.0| WebSphere Application Server V8.0

Remediation/Fixes

Please consult

• Security Bulletin: Remote code execution vulnerability in WebSphere Application Server ND (CVE-2020-4448)
• Security Bulletin: WebSphere Application Server is vulnerable to an information exposure vulnerability (CVE-2020-4449)
• Security Bulletin: WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4450)

for vulnerability details and information about fixes.

Workarounds and Mitigations

None