Vulnerability Name:
CVE-2020-4464 (CCN-181489)
Assigned:
2019-12-30
Published:
2020-07-16
Updated:
2020-07-22
Summary:
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to execute arbitrary code on a system with a specially-crafted sequence of serialized objects over the SOAP connector. IBM X-Force ID: 181489.
CVSS v3 Severity:
8.8 High
(CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
)
7.7 High
(Temporal CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
8.8 High
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
)
7.7 High
(CCN Temporal CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
CVSS v2 Severity:
9.0 High
(CVSS v2 Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
Single_Instance
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
9.0 High
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
Single_Instance
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
Vulnerability Type:
CWE-502
Vulnerability Consequences:
Gain Access
References:
Source: MITRE
Type: CNA
CVE-2020-4464
Source: XF
Type: UNKNOWN
ibm-websphere-cve20204464-code-exec(181489)
Source: XF
Type: VDB Entry, Vendor Advisory
ibm-websphere-cve20204464-code-exec (181489)
Source: CCN
Type: IBM Security Bulletin 6250059 (WebSphere Application Server)
WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4464)
Source: CONFIRM
Type: Patch, Vendor Advisory
https://www.ibm.com/support/pages/node/6250059
Source: CCN
Type: IBM Security Bulletin 6257151 (Content Collector)
Embedded WebSphere Application Server is vulnerable to a command execution vulnerability affect Content Collector for Email
Source: CCN
Type: IBM Security Bulletin 6324783 (ISIM VA)
IBM Security Identity Manager Virtual Appliance is affected by multiple vulnerabilities
Source: CCN
Type: IBM Security Bulletin 6327411 (WebSphere Application Server in Cloud)
Multiple Security Vulnerabilities Affect IBM WebSphere Application Server in IBM Cloud
Source: CCN
Type: IBM Security Bulletin 6351443 (Tivoli Monitoring V6)
Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server
Source: CCN
Type: IBM Security Bulletin 6427551 (Security Privileged Identity Manager)
IBM Security Privileged Identity Manager is affected by a code execution vulnerability (CVE-2020-4464)
Source: CCN
Type: IBM Security Bulletin 6458171 (InfoSphere Master Data Management)
Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM InfoSphere Master Data Management 11.6
Source: CCN
Type: ZDI-20-878
IBM WebSphere Application Server SOAP Deserialization of Untrusted Data Remote Code Execution Vulnerability
Source: MISC
Type: Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-878/
Vulnerable Configuration:
Configuration 1
:
cpe:/a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
(Version >= 7.0.0.0 and <= 7.0.0.45)
OR
cpe:/a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
(Version >= 8.0.0.0 and <= 8.0.0.15)
OR
cpe:/a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
(Version >= 8.5.0.0 and <= 8.5.5.17)
OR
cpe:/a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
(Version >= 9.0.0.0 and <= 9.0.5.4)
Configuration CCN 1
:
cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*
AND
cpe:/a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*
OR
cpe:/a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*
OR
cpe:/a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*
OR
cpe:/a:ibm:content_collector:4.0.1:*:*:*:*:*:*:*
OR
cpe:/a:ibm:security_privileged_identity_manager:2.0.2:*:*:*:*:*:*:*
OR
cpe:/a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:*
OR
cpe:/a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:*
OR
cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
OR
cpe:/a:ibm:security_privileged_identity_manager:2.1.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:infosphere_master_data_management:11.6:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server_in_cloud:8.5:*:*:*:*:*:*:*
OR
cpe:/a:ibm:websphere_application_server_in_cloud:9.0:*:*:*:*:*:*:*
OR
cpe:/a:ibm:security_privileged_identity_manager:2.1.1:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
ibm
websphere application server *
ibm
websphere application server *
ibm
websphere application server *
ibm
websphere application server *
ibm
websphere application server 7.0
ibm
websphere application server 8.0
ibm
websphere application server 8.5
ibm
websphere application server 9.0
ibm
tivoli monitoring 6.3.0.2
ibm
tivoli monitoring 6.3.0.3
ibm
tivoli monitoring 6.3.0.4
ibm
content collector 4.0.1
ibm
security privileged identity manager 2.0.2
ibm
tivoli monitoring 6.3.0.5
ibm
tivoli monitoring 6.3.0.6
ibm
tivoli monitoring 6.3.0.7
ibm
security privileged identity manager 2.1.0
ibm
infosphere master data management 11.6
ibm
websphere application server in cloud 8.5
ibm
websphere application server in cloud 9.0
ibm
security privileged identity manager 2.1.1
Denotes that component is vulnerable