Lucene search

K
ibmIBM43DA4697F34CF5D5A6799540E74541895D58CA735AF6018C2189B56DA5C5FD59
HistoryJul 18, 2018 - 10:28 a.m.

Security Bulletin: Security vulnerabilities have been identified in the WebSphere Application Server where the RAM is deployed.

2018-07-1810:28:59
www.ibm.com
10

0.949 High

EPSS

Percentile

99.3%

Summary

In the WebSphere Application Server where the Rational Asset Manager is deployed, a remote attacker could exploit the vulnerabilities such as spoofing attacks, execute arbitrary codes, exploit sensitive information and so on. Information about these security vulnerabilities affecting WebSphere Application Server has been published in security bulletins.

Vulnerability Details

Refer to the security bulletin listed in the Remediation/Fixes section.

Affected Products and Versions

IBM Rational Asset Manager 7.5 and 7.5.3.3.

NOTE: Rational Asset Manager 7.5.2 and later versions does not support embedded WebSphere Application Server.

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS).

Affected Supporting Product Affected Supporting Product Security Bulletin
IBM WebSphere Application Server Version 7.0 Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)
Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI
Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)
Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)
Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2018-1621)

Workarounds and Mitigations

None.

CPENameOperatorVersion
rational asset managereq7.5.3.3