Apache Tomcat is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs
CVEID: CVE-2016-3092**
DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114336 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Power HMC V7.3.0.0
Power HMC V7.9.0.0
Power HMC V8.1.0.0
Power HMC V8.2.0.0
Power HMC V8.3.0.0
Power HMC V8.4.0.0
Power HMC V8.5.0.0
The following fixes are available on IBM Fix Central at: <http://www-933.ibm.com/support/fixcentral/>
Product
|
VRMF
|
APAR
|
Remediation/Fix
—|—|—|—
Power HMC
|
V7.7.3.0 SP7
|
MB04028
|
Power HMC
|
V7.7.9.0 SP3
|
MB04029
|
Power HMC
|
V8.8.1.0 SP3
|
MB04030
|
Power HMC
|
V8.8.2.0 SP2
|
MB04031
|
Power HMC
|
V8.8.3.0 SP2
|
MB04032
|
Power HMC
|
V8.8.4.0 SP1
|
MB04033
|
Power HMC
|
V8.8.5.0
|
MB04035
|