There is a potential code execution vulnerability in WebSphere Application Server. OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project.
CVE(s): CVE-2016-5983, CVE-2016-2180, CVE-2016-2183, CVE-2016-6304, CVE-2016-6303, CVE-2016-2178, CVE-2016-6306
Affected product(s) and affected version(s):
This vulnerability affects the following versions and releases of IBM WebSphere Application Server:
- Liberty
- Version 9.0
- Version 8.5.5
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2hOLSuY
X-Force Database: http://ift.tt/2cX6Wuu
X-Force Database: http://ift.tt/2dmWOvf
X-Force Database: http://ift.tt/2dR3VyC
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dmXjFz
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dmYpRr
from IBM Product Security Incident Response Team http://ift.tt/2hOENum
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.