Denial of Service Vulnerability in IBM WebSphere Application Server Liberty
CVE-2020-4590

5.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
21 September 2020

Summary

IBM WebSphere Application Server Liberty versions 17.0.0.3 through 20.0.0.9 are susceptible to a denial of service attack. This vulnerability can be exploited by an authenticated client leveraging the oauth-2.0 or openidConnectServer-1.0 server features, leading to potential service disruptions.

Affected Version(s)

WebSphere Application Server Liberty 17.0.0.3

WebSphere Application Server Liberty 20.0.0.9

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.