IBM Support

PH27157:WebSphere Application Server deserialization vulnerability (CVE-2020-4576 CVSS Score 5.3)

Download


Downloadable File

Abstract

WebSphere Application Server deserialization vulnerability (CVE-2020-4576 CVSS Score 5.3)

Download Description

PH27157 resolves the following problem:

ERROR DESCRIPTION:
WebSphere Application Server deserialization vulnerability (CVE-2020-4576 CVSS Score 5.3).

PROBLEM SUMMARY:
WebSphere Application Server deserialization vulnerability (CVE-2020-4576 CVSS Score 5.3)

PROBLEM CONCLUSION:
Confidential for CVE-2020-4576.
The fix for this APAR is currently targeted for inclusion in WebSphere traditional fix packs 8.5.5.19 and 9.0.5.6.  Please refer to the Recommended Updates page for delivery information:  http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

None

Installation Instructions

Review the readme.txt for detailed installation instructions.

URL SIZE(Bytes)
V85 Readme 2289
V90 Readme 2214
V80 Readme 2217
V70 Readme 4902

Download Package

DOWNLOAD
APPLICABLE
FIXPACKS
RELEASE DATE SIZE(Bytes)

DOWNLOAD
Options

What is Fix
Central(FC)?

7.0.0.45-WS-WAS-IFPH27157 7.0.0.45 29 September 2020 25637 FC
8.5.5.12-WS-WASProd-IFPH27157 8.5.5.12 through 8.5.5.18 29 September 2020 292491 FC
9.0.0.9-WS-WASProd-IFPH27157 9.0.0.9 through 9.0.5.5 29 September 2020 297203 FC
8.0.0.15-WS-WASEmbeded-IFPH27157 8.0.0.15 29 September 2020 264940 FC
8.0.0.15-WS-WASProd-IFPH27157 8.0.0.15 29 September 2020 275532 FC

Problems Solved

PH27157

On

Technical Support

Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU004","label":"Hybrid Cloud"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z/OS"}],"Version":"8.5.5.13;8.5.5.12;9.0.5.5;9.0.5.4;9.0.5.3;9.0.5.2;9.0.5.1;8.0.0.15;7.0.0.45;9.0.5.0;9.0.0.11;9.0.0.10;9.0.0.9;8.5.5.18;8.5.5.17;8.5.5.16;8.5.5.15;8.5.5.14","Edition":"Base,Network Deployment"}]

Document Information

Modified date:
30 September 2020

UID

ibm16339715