<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1462084720533760&amp;ev=PageView&amp;noscript=1">
Virsec Security Research Lab

CVE-2020-4589 IBM WebSphere Application Server 7.0, 8.0, 8.5 and 9.0

Virsec Security Research Lab Vulnerability Analysis

The Virsec Security Research Lab provides detailed analysis on recent and notable security vulnerabilities.

Vulnerability Summary

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects from untrusted sources. The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system. The vulnerability only occurs if an undocumented customization has been applied by an administrator.

Watch the video to learn more about this and other important vulnerabilities.

CVSS Score

The CVSS Base Score is 9.8 (Critical)

Affected Version

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0.

Vulnerability Attribution

As per IBM, this vulnerability was reported to IBM by Kylinking of NSFOCUS Security Team.

Risk Impact

IBM WebSphere Application Server is a set of Java-based tools designed for network administrators, web developers, and software engineers. It enables users to develop and host Java-based web applications, build and manage websites, and manage multiple technologies in a single interface. As per HG Insights, WebSphere is been used in various industries like Banking, Health, Software manufacturers, etc. for high traffic. Based on link, below is the adoption graph by industry, most the companies with high traffic uses WebSphere.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. This is going to have an impact on confidentiality, integrity, and availability of these critical machines. No publicly available exploits are available for this vulnerability.

Virsec Security Platform (VSP) Support

VSP-Host monitors processes that are spawned which are not part of a set of whitelisted process. Any attempt to execute new command or unknown binary would be denied by VSP-Host’s Process Monitoring capability.

Reference Links

Download the full vulnerability report to learn more about this and other important vulnerabilities.