IBM Support

PH29871:Directory Traversal vulnerability in WebSphere Application Server (CVE-2020-4782 CVSS 6.5)

Download


Downloadable File

Abstract

Directory Traversal vulnerability in WebSphere Application Server (CVE-2020-4782 CVSS 6.5)

Download Description

PH29871 resolves the following problem:

ERROR DESCRIPTION:
Directory Traversal vulnerability in WebSphere Application Server (CVE-2020-4782 CVSS 6.5).

PROBLEM SUMMARY:
Directory Traversal vulnerability in WebSphere Application Server (CVE-2020-4782 CVSS 6.5).

PROBLEM CONCLUSION:
Confidential for CVE-2020-4782.

The fix for this APAR is currently targeted for inclusion in fix packs 8.5.5.19 and 9.0.5.6. 
Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

PH11319,PH01617

Installation Instructions

Review the readme.txt for detailed installation instructions.

URL SIZE(Bytes)
V90 Readme 2369
V85 Readme 2508
V80 Readme 2399
V70 Readme 5117

Download Package

DOWNLOAD RELEASE DATE SIZE(Bytes)

DOWNLOAD Options

What is Fix Central(FC)?

8.5.5.15-WS-WASProd-IFPH29871 26 October 2020 273788 FC
8.0.0.15-WS-WAS-IFPH29871 26 October 2020 282965 FC
7.0.0.45-WS-WAS-IFPH29871 26 October 2020 14593 FC
9.0.5.0-WS-WASProd-IFPH29871 26 October 2020 276315 FC
9.0.0.11-WS-WASProd-IFPH29871 10 November 2020 269343 FC

Problems Solved

PH29871

On

Technical Support

Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU004","label":"Hybrid Cloud"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z/OS"}],"Version":"8.5.5.16;8.5.5.15;8.0.0.15;7.0.0.45;9.0.5.5;9.0.5.4;9.0.5.3;9.0.5.2;9.0.5.1;9.0.5.0;9.0.0.11;8.5.5.18;8.5.5.17","Edition":"Advanced,Base,Developer,Enterprise,Express,Network Deployment,Single Server"}]

Document Information

Modified date:
10 November 2020

UID

ibm16353457