IBM Support

PH33648:Directory Traversal vulnerability in WebSphere Application Server (CVE-2021-20354 CVSS 5.9)

Download


Downloadable File

Abstract

Directory Traversal vulnerability in WebSphere Application Server (CVE-2021-20354 CVSS 5.9)

Download Description

PH33648 resolves the following problem:

ERROR DESCRIPTION:
Directory Traversal vulnerability in WebSphere Application Server (CVE-2021-20354 CVSS 5.9).

PROBLEM SUMMARY:
Directory Traversal vulnerability in WebSphere Application Server (CVE-2021-20354 CVSS 5.9).

PROBLEM CONCLUSION:
Confidential for Security Integrity ifix CVE-2021-20354.

The fix for this APAR is currently targeted for inclusion in fix packs 8.5.5.20 and 9.0.5.7

Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

None

Installation Instructions

Review the readme.txt for detailed installation instructions.

URL SIZE(Bytes)
V90 Readme 2208
V80 Readme 2268
V85 Readme 2341

Download Package

 
IMPORTANT NOTE:
WebSphere Application Server and Liberty fix access requires S&S Entitlement in 2021, use properly registered IDs to download fixes for WebSphere Application Server below. 
DOWNLOAD RELEASE DATE SIZE(Bytes) APPLICABLE Fixpack(s)

DOWNLOAD Options

What is Fix Central(FC)?

9.0.5.5-WS-WASProd-IFPH33648 16 February 2021 219838 9.0.5.5, 9.0.5.6 FC
8.0.0.15-WS-WASProd-IFPH33648 16 February 2021 218167 8.0.0.15 FC
8.5.5.18-WS-WASProd-IFPH33648 16 February 2021 220159 8.5.5.18, 8.5.5.19 FC

Problems Solved

PH33648

On

Technical Support

Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"Cloud & Data Platform","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z/OS"}],"Version":"8.0.0.15;8.5.5.18;8.5.5.19;9.0.5.5;9.0.5.6","Edition":"Base"}]

Document Information

Modified date:
02 March 2021

UID

ibm16415901