Denial of Service Vulnerability in IBM WebSphere Application Server Liberty
CVE-2020-4590
5.3MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 21 September 2020
Summary
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 20.0.0.9 are susceptible to a denial of service attack. This vulnerability can be exploited by an authenticated client leveraging the oauth-2.0 or openidConnectServer-1.0 server features, leading to potential service disruptions.
Affected Version(s)
WebSphere Application Server Liberty 17.0.0.3
WebSphere Application Server Liberty 20.0.0.9
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved