CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
32.8%
WebSphere network security vulnerability in IBM Content Foundation on Cloud containers
CVEID:CVE-2020-4329
**DESCRIPTION:**IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/177841 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Content Foundation on Cloud | 5.5.0 |
WebSphere security vulnerabilities
Install WebSphere fix, or one of the below releases to resolve the security vulnerabilities.
Product | ** VRMF** | ** APAR** | Remediation/First Fix |
---|---|---|---|
IBM Content Foundation on Cloud | 5.5.3 | ||
5.5.4 | PJ46159 | ||
PJ46159 | 5.5.3.0-P8CPE-Container-IF003 - July 16, 2020 | ||
5.5.4.0-P8CPE-Container-IF002 - July 21, 2020 |
Only versions covered by continuous support for fixes are listed. Please apply the listed update to remediate.
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | filenet_content_manager | 5.5.3 | cpe:2.3:a:ibm:filenet_content_manager:5.5.3:*:*:*:*:*:*:* |
ibm | filenet_content_manager | 5.5.4 | cpe:2.3:a:ibm:filenet_content_manager:5.5.4:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
32.8%