
Rewterz Threat Advisory – CVE-2020-4782 – IBM WebSphere Application Server information disclosure

Severity

Medium

Analysis Summary

CVE-2020-4782

IBM WebSphere Application Server could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.
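A detection sketch for the request pattern described above, added here as an example (it is not from IBM or Rewterz). It assumes access logs in NCSA/Common Log Format, and it goes beyond the literal /../ case by also normalizing percent-encoded and double-encoded forms. The log entries and paths are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request line inside a Common Log Format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')
# A ".." that stands alone as a path segment or parameter value,
# so a name such as "v1..2" is not flagged.
TRAVERSAL_RE = re.compile(r'(?:^|[/\\=?&])\.\.(?:[/\\]|$)')

def fully_decode(target, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e) is normalized."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def has_traversal(target):
    """True if the decoded request target contains a dot-dot segment."""
    return bool(TRAVERSAL_RE.search(fully_decode(target)))

def flag_lines(log_lines):
    """Return (line_number, request_target) for each entry with a dot-dot segment."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if match and has_traversal(match.group(1)):
            hits.append((number, match.group(1)))
    return hits

# Constructed sample entries (documentation IP range, hypothetical paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [28/Oct/2020:10:00:01 +0000] "GET /app/index.jsp HTTP/1.1" 200 512',
    '192.0.2.11 - - [28/Oct/2020:10:00:02 +0000] "GET /app/../../conf/file.xml HTTP/1.1" 200 2048',
    '192.0.2.11 - - [28/Oct/2020:10:00:03 +0000] "GET /app/%2e%2e/%2e%2e/conf/file.xml HTTP/1.1" 404 0',
    '192.0.2.11 - - [28/Oct/2020:10:00:04 +0000] "GET /app/%252e%252e/conf/file.xml HTTP/1.1" 404 0',
    '192.0.2.12 - - [28/Oct/2020:10:00:05 +0000] "GET /docs/v1..2/notes.html HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for number, target in flag_lines(SAMPLE_LOG):
        print(f"line {number}: {target}")
```

A flagged request that returned status 200 is the one to review first, since it suggests the server served content for the traversal path.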

Impact

Information disclosure

Affected Vendors

IBM

Affected Products

  • IBM WebSphere Application Server 7.0
  • IBM WebSphere Application Server 8.0
  • IBM WebSphere Application Server 8.5
  • IBM WebSphere Application Server 9.0

Remediation

Refer to IBM Security Bulletin 6356083 for patch, upgrade or suggested workaround information.

IBM Security Bulletin 6356083 (WebSphere Application Server)