CVE-2020-4329

Description

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841.

Risk Information

Base Score: 4.3 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score (Exploitation Probability): 0.208

Associated Vulnerability

Vulnerability | OS Platform
Multiple vulnerabilities are fixed in IBM WebSphere 8.5.5.18 | Windows
Vulnerabilities CVE-2020-4329 are fixed in IBM WebSphere 20.0.0.5 | Windows
Vulnerabilities CVE-2020-4329, CVE-2020-4276 are fixed in IBM WebSphere 9.0.5.4 | Windows
Multiple Vulnerabilities are affected in IBM Tivoli Monitoring 6.3.0 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.4.0 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.4.1 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.4.2 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.0 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.1 | Windows
Multiple Vulnerabilities are affected in IBM Business Automation Workflow 19.0 | Windows
Multiple Vulnerabilities are affected in IBM Planning Analytics Local 2.0.9.2 | Windows
Multiple Vulnerabilities are affected in IBM MQ 9.1 | Windows
Multiple Vulnerabilities are affected in IBM Tivoli Application Dependency Discovery Manager 7.3.0.7 | Windows
Multiple Vulnerabilities are affected in IBM TXSeries for Multiplatforms 8.2.0.2 | Windows
Multiple Vulnerabilities are affected in IBM TXSeries for Multiplatforms 9.1.0.1 | Windows
Vulnerabilities CVE-2019-4728, CVE-2020-4329, CVE-2020-4761, CVE-2020-4762 are affected in IBM Sterling B2B Integrator 6.1.0.0 | Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234