Vulnerability Name:
CVE-2020-4448 (CCN-181228)
Assigned:
2019-12-30
Published:
2020-06-04
Updated:
2020-06-10
Summary:
IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 181228.
CVSS v3 Severity:
9.8 Critical
(CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
)
8.5 High
(Temporal CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
9.8 Critical
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
)
8.5 High
(CCN Temporal CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
CVSS v2 Severity:
10.0 High
(CVSS v2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
10.0 High
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
Vulnerability Type:
CWE-502
Vulnerability Consequences:
Gain Access
References:
Source: MITRE
Type: CNA
CVE-2020-4448
Source: XF
Type: UNKNOWN
ibm-websphere-cve20204448-command-exec(181228)
Source: XF
Type: VDB Entry, Vendor Advisory
ibm-websphere-cve20204448-command-exec (181228)
Source: CCN
Type: IBM Security Bulletin 6220336 (WebSphere Application Server)
Remote code execution vulnerability in WebSphere Application Server ND (CVE-2020-4448)
Source: CONFIRM
Type: Patch, Vendor Advisory
https://www.ibm.com/support/pages/node/6220336
Source: CCN
Type: IBM Security Bulletin 6232876 (WebSphere Application Server in Cloud)
Multiple vulnerabilities in the IBM HTTP Server and IBM WebSphere Application Server used in IBM WebSphere Application Server in IBM Cloud
Source: CCN
Type: IBM Security Bulletin 6242348 (Security Identity Manager Virtual Appliance)
IBM Security Identity Manager Virtual Appliance is affected by multiple vulnerabilities
Source: CCN
Type: IBM Security Bulletin 6333467 (Cloud Orchestrator)
Vulnerabilities in WebSphere Application Server affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise
Source: CCN
Type: IBM Security Bulletin 6430137 (Security Privileged Identity Manager)
IBM Security Privileged Identity Manager is affected by a code execution vulnerability (CVE-2020-4448)
Source: CCN
Type: IBM Security Bulletin 6458159 (InfoSphere Master Data Management)
Security vulnerabilities have been identified in IBM WebSphere Application Server used by InfoSphere Master Data Management 11.6
Source: CCN
Type: ZDI-20-688
IBM WebSphere UploadFileArgument Deserialization of Untrusted Data Remote Code Execution Vulnerability
Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-20-688/
Vulnerable Configuration:
Configuration 1
:
cpe:/a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
(Version >= 8.5.0.0 and < 8.5.5.18)
OR
cpe:/a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
(Version >= 9.0.0.0 and < 9.0.5.4)
OR
cpe:/a:ibm:websphere_virtual_enterprise:7.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_virtual_enterprise:8.0:*:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*
AND
cpe:/a:ibm:security_privileged_identity_manager:2.0.2:*:*:*:*:*:*:*
OR
cpe:/a:ibm:security_privileged_identity_manager:2.1.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:infosphere_master_data_management:11.6:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server_in_cloud:8.5:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server_in_cloud:9.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server_in_cloud:*:*:*:*:liberty:*:*:*
OR
cpe:/a:ibm:security_privileged_identity_manager:2.1.1:*:*:*:*:*:*:*
OR
cpe:/a:ibm:cloud_orchestrator:2.5.0.10:*:*:*:-:*:*:*
OR
cpe:/a:ibm:security_identity_manager_virtual_appliance:7.0.2:*:*:*:*:*:*:*
OR
cpe:/a:ibm:security_identity_manager_virtual_appliance:7.0.1:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
ibm
websphere application server *
ibm
websphere application server *
ibm
websphere virtual enterprise 7.0
ibm
websphere virtual enterprise 8.0
ibm
websphere application server 7.0
ibm
websphere application server 8.0
ibm
websphere application server 8.5
ibm
websphere application server 9.0
ibm
security privileged identity manager 2.0.2
ibm
security privileged identity manager 2.1.0
ibm
infosphere master data management 11.6
ibm
websphere application server in cloud 8.5
ibm
websphere application server in cloud 9.0
ibm
websphere application server in cloud *
ibm
security privileged identity manager 2.1.1
ibm
cloud orchestrator 2.5.0.10
ibm
security identity manager virtual appliance 7.0.2
ibm
security identity manager virtual appliance 7.0.1
Denotes that component is vulnerable