I. Vulnerability overview
IBM WebSphere Application Server is a high-performance Java application server used to build, run, integrate, protect and manage dynamic cloud and web applications deployed on-premises and externally. On September 17, 2020, IBM issued a security announcement about a vulnerability in WebSphere Application Server. The vulnerability is tracked as CVE-2020-4643 and has a CVSS score of 7.5. It exists because WebSphere Application Server is susceptible to XML external entity injection (XXE) when processing XML data. A remote attacker can use this vulnerability to steal sensitive information, which makes it a serious issue.
II. Affected version
WebSphere Application Server 7.0, 8.0, 8.5, 9.0.
III. Reproduction process
None
IV. Scope of impact
A search for the keyword "WebSphere Application Server" on the ZoomEye cyberspace search engine returns 13454 historical IP records, concentrated in the United States and China.
V. Remediation suggestions
An official patch that fixes the vulnerability has been released, and a security patch has also been provided for the version that is no longer maintained. Affected users are advised to update as soon as possible.
https://www.ibm.com/support/pages/node/6333617
VI. Timeline
IBM official announcement: September 17, 2020
Vulnerability intelligence release: September 24, 2020
VII. Related links
ZoomEye cyberspace search engine:
https://www.zoomeye.org/searchResult/report?q=app%3A%22IBM%20WebSphere%20httpd%22