IBM Support

PH23853:WebSphere Application Server is vulnerable to a privilege escalation vulnerability (CVE-2020-4362 and CVE-2020-4276)

Download


Downloadable File

Abstract

WebSphere Application Server is vulnerable to a privilege escalation vulnerability (CVE-2020-4362 and CVE-2020-4276)

Download Description

PH23853 resolves the following problem:
This APAR PH23853 supersedes APAR PH21511.
ERROR DESCRIPTION:
WebSphere Application Server is vulnerable to a privilege escalation vulnerability  (CVE-2020-4362 and CVE-2020-4276)
LOCAL FIX:

PROBLEM SUMMARY:
WebSphere Application Server is vulnerable to a privilege escalation vulnerability  (CVE-2020-4362 and CVE-2020-4276)

PROBLEM CONCLUSION:
WebSphere Application Server is vulnerable to a privilege escalation vulnerability  (CVE-2020-4362 and CVE-2020-4276)

Prerequisites

Download the UpdateInstaller below to install this fix.

URL SIZE(Bytes)
UpdateInstaller 7250000

Installation Instructions

Review the readme.txt for detailed installation instructions.

URL SIZE(Bytes)
V90 Readme 2212
V70 Readme 4963
V80 Readme 2275
V85 Readme 2295

Download Package

DOWNLOAD RELEASE DATE SIZE(Bytes)

DOWNLOAD Options

What is Fix Central(FC)?

7.0.0.45-WS-WAS-IFPH23853 09 April 2020 61295 FC
8.0.0.15-WS-WAS-IFPH23853 09 April 2020 312821 FC
8.5.5.16-WS-WAS-IFPH23853 09 April 2020 305245 FC
9.0.5.2-WS-WAS-IFPH23853 09 April 2020 303467 FC
9.0.5.3-WS-WAS-IFPH23853 09 April 2020 384695 FC
9.0.5.4-WS-WAS-IFPH23853 09 June 2020 303500 FC

Problems Solved

PH23853, PH21511

On

Technical Support

Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"ARM Category":[],"Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"7.0.0.45;8.0.0.15;8.5.5.16;8.5.5.17;9.0.5.2;9.0.5.3","Edition":"Advanced,Base,Developer,Enterprise,Express,Network Deployment,Single Server","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
09 June 2020

UID

ibm16174273