IBM Support

PH25074:WebSphere Application Server IIOP Deserialization of Untrusted Data Remo

Download


Downloadable File

Abstract

WebSphere Application Server IIOP Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-4449 CVSS score 7.5 and CVE-2020-4450 CVSS score 9.8)

Download Description

PH25074 resolves the following problem:

ERROR DESCRIPTION:
WebSphere Application Server IIOP Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-4449 CVSS score 7.5 and CVE-2020-4450 CVSS score 9.8).

LOCAL FIX:

PROBLEM SUMMARY:
WebSphere Application Server IIOP Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-4449 CVSS score 7.5 and CVE-2020-4450 CVSS score 9.8).

PROBLEM CONCLUSION:
WebSphere Application Server IIOP Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2020-4449 CVSS score 7.5 and CVE-2020-4450 CVSS score 9.8)

Prerequisites

None

Installation Instructions

Review the readme.txt for detailed installation instructions.

URL SIZE(Bytes)
V90 Readme 2630
V85 Readme 2646
V80 Readme 2591
V70 Readme 5280

Download Package

DOWNLOAD RELEASE DATE SIZE(Bytes)

DOWNLOAD Options

What is Fix Central(FC)?

9.0.5.0-WS-WASProd-IFPH25074 03 June 2020 391981 FC
9.0.5.3-WS-WASProd-IFPH25074 03 June 2020 330552 FC
9.0.5.4-WS-WASProd-IFPH25074 03 June 2020 330550 FC
8.5.5.16-WS-WASProd-IFPH25074 03 June 2020 389416 FC
8.5.5.17-WS-WASProd-IFPH25074 03 June 2020 330870 FC
8.0.0.15-WS-WAS-IFPH25074 03 June 2020 329443 FC
7.0.0.45-WS-WAS-IFPH25074 03 June 2020 87035 FC

Problems Solved

PH25074 includes PH18042

Change History

6/8/2020 - "Problems Solved" section has been updated from PH18042 to "PH25074 includes PH18042".  "Problems (APARS) fixed" section is cleared. 

On

Technical Support

Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"7.0.0.45;8.0.0.15;8.5.5.16;8.5.5.17;9.0.5.0;9.0.5.1;9.0.5.2;9.0.5.3;9.0.5.4","Edition":"Express,Base,Developer,Network Deployment"}]

Document Information

Modified date:
08 June 2020

UID

ibm16220276