Security Bulletin: Multiple security vulnerabilities Affect IBM WebSphere Application Server Liberty shipped with IBM OpenPages

Summary

IBM WebSphere Application Server Liberty is shipped as a supporting program of IBM OpenPages. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in multiple security bulletins. These products have addressed the applicable CVE(s). For a complete list of vulnerabilities, refer to the link for IBM WebSphere Security Bulletins located in the Remediation/Fixes section for more information.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM OpenPages	9.0
IBM OpenPages with Watson	IBM OpenPages with Watson 8.3

Remediation/Fixes

Principal Product and Version(s)

|

** Remediation**

—|—

For IBM OpenPages with Watson 8.3 or 9.0

|

IBM WebSphere Application Server Liberty 24.0.0.4

- Used by IBM OpenPages Application Servers

- Apply IBM WebSphere Application Server Liberty Fix Pack 24.0.0.4 or later

• Updating WebSphere Liberty for Application Servers

For IBM OpenPages GRC Platform v8.0/8.1/8.2 customers, IBM recommends to upgrade to a fixed and supported versions** 8.3 or 9.0** of the product.

For CVE numbers fixed in IBM WebSphere Application Server Liberty related to IBM OpenPages, see the following IBM WebSphere security bulletins:

<https://www.ibm.com/support/pages/node/7145942&gt;

<https://www.ibm.com/support/pages/node/7125527&gt;

<https://www.ibm.com/support/pages/node/7148380&gt;

Workarounds and Mitigations

None