CVE-2020-4365
published 2020-05-14CVE-2020-4365: IBM WebSphere Application Server 8.5 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
IBM WebSphere Application Server 8.5 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 178964.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | websphere_application_server | — | — |
| ibm | websphere_application_server | 8.5.0.0 – 8.5.5.17 | — |
| isc | bind9 | >= 0 < 1:9.9.5.dfsg-3ubuntu0.19+esm2 | 1:9.9.5.dfsg-3ubuntu0.19+esm2 |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
osv8.6HIGH