CVE-2020-4163

Summary

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as jsp content and executed. IBM X-Force ID: 174397.

Affected Software

VendorProductVersion RangeStatus
IBMWebSphere Application Server7.0affected
IBMWebSphere Application Server8.0affected
IBMWebSphere Application Server8.5affected
IBMWebSphere Application Server9.0affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References