CVE-2020-4276: 
IBM WebSphere App Server vulnerability analysis and mitigation

CVE-2020-4276 is a privilege escalation vulnerability affecting IBM WebSphere Application Server traditional versions 7.0, 8.0, 8.5, and 9.0. The vulnerability was discovered in December 2019 and publicly disclosed in March 2020. The issue occurs when using token-based authentication in an admin request over the SOAP connector (IBM Security).

The vulnerability has been assigned a CVSS Base score of 7.5 with a vector of CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating network accessibility with high attack complexity, low privileges required, and high impacts on confidentiality, integrity, and availability (IBM Security).

If exploited, this vulnerability could allow an attacker to escalate privileges within the WebSphere Application Server environment when using token-based authentication through the SOAP connector interface (IBM Security).

IBM has released fixes for all affected versions: For v9.0.0.0 through 9.0.5.3, users should upgrade to Fix Pack 9.0.5.4 or later, or apply Interim Fix PH21511. For v8.5.0.0 through 8.5.5.17, upgrade to Fix Pack 8.5.5.18 or later or apply Interim Fix PH21511. For v8.0.0.0 through 8.0.0.15, upgrade to 8.0.0.15 and apply Interim Fix PH21511. For v7.0.0.0 through 7.0.0.45, upgrade to 7.0.0.45 and apply Interim Fix PH21511. No workarounds are available (IBM Security).