I. Vulnerability overview
IBM WebSphere Application Server is a high-performance Java application server used to build, run, integrate, protect and manage dynamic cloud and web applications deployed both internally and externally. On September 17, 2020, IBM published a security bulletin for a vulnerability in WebSphere Application Server, tracked as CVE-2020-4643 with a CVSS score of 7.5. The flaw is an XML external entity injection (XXE) weakness in the way WebSphere Application Server processes XML data. A remote attacker can exploit it to disclose sensitive information, which makes the impact significant.
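The bulletin does not say which component parses the XML, so the following is a generic illustration of the XXE class rather than WebSphere code or IBM's fix: it is an added example showing a default JAXP DocumentBuilderFactory beside a hardened one, run against a constructed XML document that declares an external entity pointing at a placeholder path. The class name XxeHardening, the helper names and the placeholder URI are assumptions for the example.

```java
import java.io.IOException;
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

public class XxeHardening {

    // Constructed sample input: a document whose DOCTYPE declares an external
    // entity. A parser that resolves external entities will try to read the
    // referenced URI and substitute its contents for &ext;. The URI is a
    // placeholder, not a real target.
    static final String UNTRUSTED_XML =
        "<?xml version=\"1.0\"?>\n"
      + "<!DOCTYPE data [<!ENTITY ext SYSTEM \"file:///placeholder/path\">]>\n"
      + "<data>&ext;</data>";

    // Default JAXP configuration: DOCTYPE declarations are accepted and external
    // entities are resolved. This is the parser setup that makes XXE possible.
    static DocumentBuilderFactory defaultFactory() {
        return DocumentBuilderFactory.newInstance();
    }

    // Hardened configuration: refuse DOCTYPE declarations outright, and as a
    // second layer disable external general/parameter entities, external DTD
    // loading, XInclude processing and entity-reference expansion.
    static DocumentBuilderFactory hardenedFactory() throws ParserConfigurationException {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setFeature("http://xml.org/sax/features/external-general-entities", false);
        dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);
        return dbf;
    }

    // Parse the document with the given factory. Returns true if the parser
    // accepted the document, false if it raised an error.
    static boolean parse(DocumentBuilderFactory dbf, String xml) {
        try {
            DocumentBuilder db = dbf.newDocumentBuilder();
            Document doc = db.parse(new InputSource(new StringReader(xml)));
            System.out.println("accepted, root element: " + doc.getDocumentElement().getTagName());
            return true;
        } catch (SAXException | IOException | ParserConfigurationException e) {
            System.out.println("rejected: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Default factory: the parser resolves the entity and attempts to open
        // the placeholder path. Here that ends in an I/O error because the path
        // does not exist, but the attempt itself shows the entity was resolved.
        System.out.println("default factory -> " + parse(defaultFactory(), UNTRUSTED_XML));
        // Hardened factory: the DOCTYPE is refused before any entity is looked
        // at, so no external resource is ever touched.
        System.out.println("hardened factory -> " + parse(hardenedFactory(), UNTRUSTED_XML));
    }
}
```

The disallow-doctype-decl feature alone blocks every DTD-based entity trick and is the setting to reach for when an application never needs a DOCTYPE; the remaining features are defence in depth for parsers that must accept internal DTDs. The same feature URIs apply to SAXParserFactory and, via XMLInputFactory properties, to StAX.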
II. Affected version
WebSphere Application Server 7.0, 8.0, 8.5, 9.0.
III. Reproduction process
None.
IV. Scope of impact
Searching the ZoomEye cyberspace search engine for the keyword "WebSphere Application Server" returned a total of 13454 IP history records, concentrated in the United States and China.
V. Remediation suggestions
IBM has released a patch for this vulnerability, and a security fix is also provided for versions that are out of support. Affected users should update as soon as possible:
https://www.ibm.com/support/pages/node/6333617
VI. Timeline
IBM official announcement: September 17, 2020
Knownsec vulnerability intelligence release: September 24, 2020
VII. Related links
https://www.ibm.com/support/pages/security-bulletin-websphere-application-server-vulnerable-information-exposure-vulnerability-cve-2020-4643
ZoomEye cyberspace search engine:
https://www.zoomeye.org/searchResult/report?q=app%3A%22IBM%20WebSphere%20httpd%22