Risk Scores
CVSS v3.0
7.5
CVSS:3.0/C:H/AV:N/AC:L/S:U/A:N/UI:N/I:N/PR:N/RL:O/E:U/RC:C
EPSS Score
0.34%
56.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | WebSphere | |
| IBM | WebSphere Application Server | 8.0, 8.5, 9.0 |
| ibm | websphere_application_server | 7.0.0.0, 8.0.0.0, 8.5.0.0 |
Timeline
- Sep 21, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 23, 2021 EPSS Score
- Oct 24, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 25, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 28, 2022 EPSS Score
- Jun 29, 2022 EPSS Score
- Aug 31, 2022 EPSS Score
References
- https://www.ibm.com/support/pages/node/6334311 url
- ibm-websphere-cve20204643-xxe (185590) vdb
- https://www.ibm.com/support/pages/node/6351367 advisory
- https://www.ibm.com/support/pages/node/6351365 advisory
- https://www.ibm.com/support/pages/node/6351391 advisory
- https://www.ibm.com/support/pages/node/6351443 advisory
- https://www.ibm.com/support/pages/node/6458177 advisory
- https://www.ibm.com/support/pages/node/6458183 advisory
- https://www.ibm.com/support/pages/node/6458075 advisory
- https://www.ibm.com/support/pages/node/6458159 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-4643 advisory