Mar 20, 2020 8:00 pm EDT
Categorized: Medium Severity
Share this post:
There are multiple security vulnerabilities that affect the IBM WebSphere Application Server in the IBM Cloud. There is a Swagger vulnerability that affects WebSphere Application Server Liberty. This affects the mpOpen-1.x and openAPI-3.x features. There is a cross-site scripting vulnerability in the Liberty Admin Center. There is a denial of service vulnerablility in WebSphere Application Server. There is an information disclosure in WebSphere Application Server Admin Console. There is a denial of service in the Apache CXF library used by WebSphere Application Server. WebSphere Application Server is vulnerable to a command execution vulnerability. There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server.
Affected product(s) and affected version(s):
These vulnerabilities affect the following versions and releases of IBM WebSphere Application Server in IBM Cloud:
- Liberty
- Version 9.0
- Version 8.5
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6113998
from IBM Product Security Incident Response Team https://ift.tt/39e563u
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.