IBM Support

PH23638:Server-side request forgery in WebSphere Application Server Admin Console (CVE-2020-4365)

Download


Downloadable File

Abstract

Server-side request forgery in WebSphere Application Server Admin Console (CVE-2020-4365)

Download Description

PH23638 resolves the following problem:

ERROR DESCRIPTION:
Server-side request forgery in WebSphere Application Server Admin Console CVE-2020-4365.

PROBLEM SUMMARY:
Server-side request forgery in WebSphere Application Server Admin Console CVE-2020-4365.

PROBLEM CONCLUSION:
Confidential for Security Integrity ifix CVE-2020-4365.
SPECIAL INSTRUCTIONS:
After you install this fix, if the profile contains any files or directories in the path
${profileName}/temp/${nodeName}/${serverName}/isclite/iehs.war, these files and directories must be removed.  The fix will not be active until these files are removed.

Prerequisites

None

Installation Instructions

Review the readme.txt for detailed installation instructions.

URL SIZE(Bytes)
V85 Readme 2627

Download Package

DOWNLOAD RELEASE DATE SIZE(Bytes)

DOWNLOAD Options

What is Fix Central(FC)?

8.5.5.15-WS-WASProd-IFPH23638 13 May 2020 406558 FC

Problems Solved

PH23638

On

Technical Support

Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"8.5.5.15;8.5.5.16;8.5.5.17","Edition":"Advanced,Base,Developer,Enterprise,Express,Network Deployment,Single Server"}]

Document Information

Modified date:
13 May 2020

UID

ibm16209067