Thursday, December 29, 2016

IBM Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server for Bluemix (CVE-2016-5573, CVE-2016-5597, CVE-2016-8934)

There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM SDK for Java updates in October 2016. These may affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Application Server Hypervisor Edition. There is a potential cross-site scripting vulnerability in the Admin Console for WebSphere Application Server.

CVE(s): CVE-2016-5573, CVE-2016-5597, CVE-2016-8934

Affected product(s) and affected version(s):

This vulnerability affects the following versions and releases of IBM WebSphere Application Server:

  • Liberty
  • Version 9.0
  • Version 8.5.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2ihIoP2
X-Force Database: http://ift.tt/2eDrVCd
X-Force Database: http://ift.tt/2e5pD2s
X-Force Database: http://ift.tt/2ilu2PU



from IBM Product Security Incident Response Team http://ift.tt/2ihCkWw

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.