CVE-2020-4643 | WebSphere Application Server XXE Vulnerability Advisory

Published: 2020-09-22

0x00 Vulnerability Overview

CVE ID: CVE-2020-4643

Date: 2020-09-22

Type: XXE

Severity: High

Remotely exploitable: Yes

Affected scope: WebSphere Application Server 7.0, 8.0, 8.5, 9.0

IBM WebSphere Application Server is a high-performance Java application server used to build, run, integrate, secure and manage dynamic cloud and web applications deployed on-premises and off-premises. It not only ensures high performance and agility, but also offers several open-standards programming model options designed to maximize developer productivity. It provides flexible, advanced performance, resilience and programming models.

0x01 Vulnerability Details

On September 17, 2020, IBM published a security bulletin disclosing a security vulnerability in WebSphere Application Server. The vulnerability is tracked as CVE-2020-4643 and has a CVSS score of 7.5. It exists because WebSphere Application Server is vulnerable to XML External Entity Injection (XXE) when processing XML data. A remote attacker could exploit this vulnerability to obtain sensitive information, so the risk is significant.
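To make the vulnerability class concrete, the following Java example (added here; it is not code from the advisory or from IBM's product) parses a constructed XML document whose DTD declares an external entity, once with a default JAXP DocumentBuilder and once with one hardened against XXE. The entity path is a placeholder, and the class and method names are the example's own.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;

public class XxeHardeningDemo {
    // Constructed sample: the DTD declares an external entity. A parser that
    // resolves external entities will try to read the referenced resource and
    // substitute its contents for &ext; in the element text. The path is a
    // placeholder, not a real target.
    static final String DOC_WITH_EXTERNAL_ENTITY =
        "<?xml version=\"1.0\"?>\n"
      + "<!DOCTYPE config [<!ENTITY ext SYSTEM \"file:///placeholder/path\">]>\n"
      + "<config><value>&ext;</value></config>";
    static final String PLAIN_DOC = "<config><value>ok</value></config>";

    // Hardened configuration: refuse any DOCTYPE (so no entity can be declared),
    // and additionally disable external entity resolution, external DTD loading
    // and XInclude in case a different JAXP implementation ignores the first flag.
    static DocumentBuilder hardenedBuilder() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f.newDocumentBuilder();
    }
    // Parses untrusted XML and reports whether the parser accepted or refused it.
    static String parseAndDescribe(DocumentBuilder b, String xml) {
        try {
            Document d = b.parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
            return "accepted <" + d.getDocumentElement().getTagName() + ">";
        } catch (Exception e) {
            // SAXParseException: the hardened parser refused the DOCTYPE outright.
            // FileNotFoundException: the default parser tried to fetch the entity.
            return e.getClass().getSimpleName() + ": " + e.getMessage();
        }
    }
    public static void main(String[] args) throws Exception {
        DocumentBuilder dflt = DocumentBuilderFactory.newInstance().newDocumentBuilder();
        System.out.println("hardened, plain:  " + parseAndDescribe(hardenedBuilder(), PLAIN_DOC));
        System.out.println("hardened, entity: " + parseAndDescribe(hardenedBuilder(), DOC_WITH_EXTERNAL_ENTITY));
        System.out.println("default,  entity: " + parseAndDescribe(dflt, DOC_WITH_EXTERNAL_ENTITY));
    }
}
```

The hardened builder accepts the plain document and rejects the one carrying a DOCTYPE before any entity is processed, whereas the default builder attempts to read the referenced resource, which is exactly the behaviour an XXE vulnerability exposes.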

0x02 Mitigation Recommendations

IBM has released a security update. It is recommended to apply the official interim fix and upgrade WebSphere Application Server and WebSphere Application Server Hypervisor Edition to a secure version:

7.0.0.45-WS-WAS-IFPH27509 (for version 7.0.0.45), interim fix download address:

https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FWebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=7.0.0.45-WS-WAS-IFPH27509&includeSupersedes=0

8.0.0.15-WS-WASEmbeded-IFPH27509 (for version 8.0.0.15), interim fix download address:

https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FWebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=8.0.0.15-WS-WASEmbeded-IFPH27509&includeSupersedes=0

8.0.0.15-WS-WASProd-IFPH27509 (for version 8.0.0.15), interim fix download address:

https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FWebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=8.0.0.15-WS-WASProd-IFPH27509&includeSupersedes=0

8.5.5.15-WS-WASProd-IFPH27509 (for versions 8.5.5.15, 8.5.5.16, 8.5.5.17), interim fix download address:

https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FWebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=8.5.5.15-WS-WASProd-IFPH27509&includeSupersedes=0

9.0.5.2-WS-WASProd-IFPH27509 (for versions 9.0.5.2, 9.0.5.3, 9.0.5.4, 9.0.5.5), interim fix download address:

https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FWebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=9.0.5.2-WS-WASProd-IFPH27509&includeSupersedes=0

For more details, refer to the PH27509 interim fix:

https://www.ibm.com/support/pages/node/6333617

0x03 Related News

https://www.kengilmour.com/na-cve-2020-4643-ibm-websphere-application-server-7-0-8-0-8-5/

0x04 References

https://www.ibm.com/support/pages/node/6334311

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4643

https://www.security-database.com/detail.php?alert=CVE-2020-4643

https://exchange.xforce.ibmcloud.com/vulnerabilities/185590

0x05 Timeline

2020-09-17    IBM published a security bulletin

2020-09-22    VSRC published this security advisory
