CVE-2020-4163

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server versions 7.0 through 9.0

Description The issue allows an authenticated user to create a maliciously crafted file name that would be misinterpreted as jsp content and executed under specialized conditions.

Recommendations For IBM WebSphere Application Server versions 7.0 through 9.0, consider restricting access to file name creation functionality to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.