CNVD-2020-32427 — Vulnetix

CNVD-2020-32427 PUBLISHED

IBM WebSphere Application Server（WAS）和IBM WebSphere Application Server Liberty都是美国IBM公司的产品。IBM WebSphere Application Server是一款应用服务器产品。该产品是JavaEE和Web服务应用程序的平台，也是IBMWebSphere软件平台的基础。IBM WebSphere Application Server Liberty是一款构建于Open Liberty项目之上的Java应用程序服务器。 IBM WAS和WAS Liberty中存在安全漏洞，该漏洞源于程序未能正确检查参数。远程攻击者可利用该漏洞获取敏感信息。

Affected Products

Vendor	Product	Versions
	IBM WebSphere Application Server Liberty >=17.0.0.3，<=20.0.0.4
	IBM Websphere Application Server 7.0
	IBM Websphere Application Server 9.0
	IBM Websphere Application Server 8.0
	IBM WebSphere Application Server 8.5

Timeline

Apr 29, 2020 CVE ID Reserved
Jun 11, 2020 CVE Published

References

https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-in-websphere-application-server-cve-2020-4329/ url

Open in Interactive Console →