QID 376415

Date Published: 2022-02-17

QID 376415: IBM WebSphere Application Server Multiple Vulnerabilities (Log4Shell) (6526750)

There is a vulnerability in the Apache Log4j open source library used by WebSphere Application Server.

Affected Versions:

Affected Versions:
WebSphere Application Server V9.0.0.0 through 9.0.5.10
WebSphere Application Server V8.5.0.0 through 8.5.5.20
WebSphere Application Server V8.0.0.0 through 8.0.0.15
WebSphere Application Server V7.0.0.0 through 7.0.0.45
QID Detection Logic (Authenticated): This QID checks for the vulnerable version of IBM WebSphere Application Server and checks if the patches are installed or not.

A remote attacker with control over Thread Context Map (MDC) input data or a Thread Context Map pattern to exploit this vulnerability to craft malicious input data using a JNDI Lookup pattern and cause a denial of service. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system.

  • CVSS V3 rated as Critical - 9 severity.
  • CVSS V2 rated as High - 6 severity.
  • Solution
    The vendor has released patches. Please visit IBM WebSphere Application Server(6526750) for more information.
    Vendor References

    CVEs related to QID 376415

    Software Advisories
    Advisory ID Software Component Link
    6526750 URL Logo www.ibm.com/support/pages/node/6526750