CVE-2020-4450: WebSphere Remote Code Execution Vulnerability Alert

Recently, IBM officially issued a notice to fix the remote code execution (CVE-2020-4450) vulnerability in WebSphere Application Server (WAS). This vulnerability was caused by the deserialization of the IIOP protocol. Attackers can remotely attack the WAS server through the IIOP protocol, execute arbitrary code on the target server, obtain system permissions, and then take over the server. The CVSS score is 9.8, and the vulnerability risk is relatively high.

“Ubuntu installing Websphere 7” by Alastair Montgomery is licensed under CC BY-NC-ND 2.0

WebSphere Application Server is a software product that performs the role of a web application server. More specifically, it is a software framework and middleware that hosts Java-based web applications. It is the flagship product within IBM’s WebSphere software suite.

Affected version

• WebSphere Application Server 9.0.0.0 – 9.0.5.4
• WebSphere Application Server 8.5.0.0 – 8.5.5.17
• WebSphere Application Server 8.0.0.0 – 8.0.0.15
• WebSphere Application Server 7.0.0.0 – 7.0.0.45

Solution

At present, IBM has released a patch to fix the vulnerability, and a security patch is also provided for the version that has been discontinued. Please the affected users install the patch as soon as possible for protection.