Service Notices
WebSphere Remote Code Execution Vulnerability (CVE-2020-4450)
Jun 12, 2020 GMT+08:00
I. Overview
IBM WebSphere has recently released a security notice on a remote code execution vulnerability in WebSphere Application Server caused by IIOP deserialization of untrusted data (CVE-2020-4450). An attacker who exploits this vulnerability can remotely execute code on the target server, obtain system privileges, and take over the server.
If you are a WebSphere user, check your systems and apply the fix promptly.
Reference link:
https://www.ibm.com/support/pages/node/6220276
II. Severity
Severity: important (on a scale of low, moderate, important, and critical)
III. Affected Products
Affected Versions:
WebSphere Application Server 9.0.0.0 to 9.0.5.4
WebSphere Application Server 8.5.0.0 to 8.5.5.17
WebSphere Application Server 8.0.0.0 to 8.0.0.15
WebSphere Application Server 7.0.0.0 to 7.0.0.45
IV. Vulnerability Handling
The WebSphere 7.0 and 8.0 series are out of full support. However, patch PH25074 is provided for the latest versions of those series (7.0.0.45 and 8.0.0.15) to fix the vulnerability. Upgrade to the latest version of the series and then install the patch.
For the WebSphere 8.5 series, install patch PH25074 to fix the vulnerability.
For the WebSphere 9.0 series, install patch PH25074 to fix the vulnerability.
Download patch PH25074 from https://www.ibm.com/support/pages/node/6220276.
Note: Before applying the fix, back up your files and test thoroughly.
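To turn the affected-version list and the patch guidance above into a repeatable inventory check, the following Python is an added example (not code from IBM or from this notice). It assumes you already collected each server's four-part WebSphere version string and the list of installed interim fix IDs by whatever means your environment provides; the function names `parse_version`, `is_affected` and `assess`, and the sample inventory, are constructed for the example.

```python
from typing import Dict, Iterable, List, Tuple

Version = Tuple[int, int, int, int]

# Affected ranges exactly as stated in the notice for CVE-2020-4450 (inclusive bounds).
AFFECTED_RANGES: List[Tuple[Version, Version]] = [
    ((9, 0, 0, 0), (9, 0, 5, 4)),
    ((8, 5, 0, 0), (8, 5, 5, 17)),
    ((8, 0, 0, 0), (8, 0, 0, 15)),
    ((7, 0, 0, 0), (7, 0, 0, 45)),
]

# Interim fix that resolves the issue on all four series, per the notice.
FIX_ID = "PH25074"


def parse_version(text: str) -> Version:
    """Parse 'a.b.c.d' (fewer parts are padded with zeros) into a comparable tuple.

    A plain string comparison would rank '8.5.5.9' above '8.5.5.17', so the
    components are compared numerically.
    """
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a WebSphere version string: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (4 - len(nums))  # type: ignore[return-value]


def is_affected(version: str) -> bool:
    """True if the version falls inside one of the published affected ranges."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def assess(version: str, installed_fixes: Iterable[str] = ()) -> str:
    """Classify one server: out of range, patched, or still exposed.

    A version inside an affected range with PH25074 applied is treated as fixed;
    a version above the range's upper bound is assumed to ship the fix already.
    """
    if not is_affected(version):
        return "not-affected"
    if FIX_ID in set(installed_fixes):
        return "patched"
    return "vulnerable"


def triage(inventory: Dict[str, Tuple[str, List[str]]]) -> Dict[str, str]:
    """Map hostname -> verdict for a {host: (version, [fix ids])} inventory."""
    return {host: assess(ver, fixes) for host, (ver, fixes) in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and fix lists are illustrative only.
    sample = {
        "was-prod-01": ("9.0.5.4", []),
        "was-prod-02": ("9.0.5.4", ["PH25074"]),
        "was-legacy-01": ("8.0.0.12", []),
        "was-dev-01": ("8.5.5.18", []),
    }
    for host, verdict in triage(sample).items():
        print(f"{host:14s} {verdict}")
```

Run it against your own inventory rather than the constructed sample; the 7.0 and 8.0 hosts that report "vulnerable" on a version below 7.0.0.45 or 8.0.0.15 need the upgrade step first, since the fix is only provided for those final versions.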