PT-2020-18074 · IBM · IBM WebSphere Application Server

Tint0 · Published 2020-06-05 · Updated 2024-09-21 · CVE-2020-4450

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

IBM WebSphere Application Server versions 8.5 through 8.5.5.17
IBM WebSphere Application Server versions 9.0 through 9.0.5.4

Description

A remote attacker could execute arbitrary code on the system with a specially-crafted sequence of serialized objects. This issue is related to the IIOP deserialization of untrusted data, allowing for remote code execution.

Recommendations

For IBM WebSphere Application Server versions 8.5 through 8.5.5.17, update to version 8.5.5.18 or later.
For IBM WebSphere Application Server versions 9.0 through 9.0.5.4, update to version 9.0.5.5 or later.

Fix

Deserialization of Untrusted Data

Weakness Enumeration

Related Identifiers

CVE-2020-4450
ZDI-20-689

Affected Products

IBM WebSphere Application Server