Published: 05/06/2020 Updated: 09/06/2020

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 891

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Websphere Application Server

IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote malicious user to execute arbitrary code on the system with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181231.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm websphere application server

CVE-2020-4464-CVE-2020-4450

CVE-2020-4464 / CVE-2020-4450

WSIF Gadget for WebSphere (CVE-2020-4464 / CVE-2020-4450) This is based on the excellent blog posts of ZDI (original report by @_tint0): wwwthezdicom/blog/2020/7/20/abusing-java-remote-protocols-in-ibm-websphere wwwzerodayinitiativecom/blog/2020/9/29/exploiting-other-remote-protocols-in-ibm-websphere and the work of some fine Chinese hackers (I couldn&

CWE-502 https://exchange.xforce.ibmcloud.com/vulnerabilities/181231 https://www.ibm.com/support/pages/node/6220294 https://www.zerodayinitiative.com/advisories/ZDI-20-689/https://nvd.nist.gov https://github.com/yonggui-li/CVE-2020-4464-and-CVE-2020-4450 https://github.com/silentsignal/WebSphere-WSIF-gadget

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-4450

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect