IBM30522D673CE61DF1D5D627CC820F32E0494921FDD6DB77BF479883D04E28F413Security Bulletin: A security vulnerability has been identified in WebSphere® Application Server and IBM WebSphere Application Server Liberty shipped with IBM® Intelligent Operations Center (CVE-2024-22329)
Summary
IBM WebSphere® Application Server and IBM WebSphere Application Server Liberty is shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere® Application Server and IBM WebSphere Application Server Liberty has been published in a security bulletin.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| Intelligent Operations Center (IOC) | V1.5.0, V1.5.0.1, V1.5.0.2, V1.6.0, V1.6.0.1, V1.6.0.2, V1.6.0.3, V5.1.0, V5.1.0.1, V5.1.0.2, V5.1.0.3, V5.1.0.4, V5.1.0.5, V5.1.0.6, V5.1.0.7, V5.1.0.8, V5.1.0.9, V5.1.0.10, V5.1.0.11, V5.1.0.12, V5.1.0.13, V5.1.0.14, V5.2.1, V5.2.2, V5.2.3, V5.2.4, V5.2.5 |
| IBM Intelligent Operations Center for Emergency Management | V1.6, V5.1.0, V5.1.0.1, V5.1.0.2, V5.1.0.3, V5.1.0.4, V5.1.0.5, and V5.1.0.6 |
Remediation/Fixes
Download the correct version of the fix from the following link:Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to server-side request forgery (CVE-2024-22329) . Installation instructions for the fix are included in the readme document that is in the fix package.
Workarounds and Mitigations
None
Related
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
8.4%