CVE-2020-4464 HIGH

CVE-2020-4464

Vendor Ibm
Product WebSphere Application Server
Published July 17, 2020
Last update September 17, 2024

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AC:L/PR:L/S:U/AV:N/I:H/UI:N/C:H/A:H/RC:C/RL:O/E:U

What the vulnerability does

01Description

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to execute arbitrary code on a system with a specially-crafted sequence of serialized objects over the SOAP connector. IBM X-Force ID: 181489.

Key dates

02Disclosure timeline

July 17, 2020 CVE published
September 17, 2024 Record updated