First published: Thu Aug 27 2020(Updated: )
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Ibm Websphere Application Server | >=8.5.0.0<8.5.5.18 | |
Ibm Websphere Application Server | >=9.0.0.0<9.0.5.5 | |
IBM WebSphere Virtual Enterprise | =7.0 | |
IBM WebSphere Virtual Enterprise | =8.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-4575.
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are affected.
The severity level of CVE-2020-4575 is medium (6.1).
This vulnerability can be exploited through cross-site scripting when High Availability Deployment Manager is configured.
Yes, IBM has provided recommendations to mitigate this vulnerability. Please refer to the official IBM support page for more information.