Lucene search

K
ibmIBM1D7A9620014C4105B221C6CDF92C1FEE1B525AEE56A16CA716E6FAE637E873E0
HistorySep 23, 2021 - 1:31 a.m.

Security Bulletin: Vulnerabilities in Apache Tomcat affect Power Hardware Management Console (CVE-2016-3092)

2021-09-2301:31:39
www.ibm.com
13

0.043 Low

EPSS

Percentile

92.3%

Summary

Apache Tomcat is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs

Vulnerability Details

CVEID: CVE-2016-3092**
DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114336 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Power HMC V7.3.0.0
Power HMC V7.9.0.0
Power HMC V8.1.0.0
Power HMC V8.2.0.0
Power HMC V8.3.0.0
Power HMC V8.4.0.0
Power HMC V8.5.0.0

Remediation/Fixes

The following fixes are available on IBM Fix Central at: <http://www-933.ibm.com/support/fixcentral/&gt;

Product

|

VRMF

|

APAR

|

Remediation/Fix

—|—|—|—

Power HMC

|

V7.7.3.0 SP7

|

MB04028

|

MH01643

Power HMC

|

V7.7.9.0 SP3

|

MB04029

|

MH01644

Power HMC

|

V8.8.1.0 SP3

|

MB04030

|

MH01645

Power HMC

|

V8.8.2.0 SP2

|

MB04031

|

MH01646

Power HMC

|

V8.8.3.0 SP2

|

MB04032

|

MH01647

Power HMC

|

V8.8.4.0 SP1

|

MB04033

|

MH01648

Power HMC

|

V8.8.5.0

|

MB04035

|

MH01651