5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
IBM Tivoli Storage Manager FastBack Reporting requires the dependent product IBM WebSphere Application Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.
Please consult the security bulletin Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server October 2015 CPU (CVE-2015-4872, CVE-2015-4734, CVE-2015-5006) for vulnerability details and information about fixes. Note that interim fix PI51440 and PI51439 can be applied to the current 8.5.0.1 Full Profile of IBM WebSphere Application server; it is not necessary to upgrade to the latest fix pack level for IBM WebSphere Application Server (8.5.5.1 or 8.5.5.2) and then apply the interim fix.
Principal Product and Version(s)
| Affected Supporting Product and Version
—|—
IBM Tivoli Storage Manager Fastback 6.1.0 through 6.1.12.1| IBM WebSphere Application Server 8.5.0.1 Full Profile
IBM Tivoli Storage Manager Fastback 6.1.12.2 through 6.1.12.3| IBM WebSphere Application Server 8.5.5.4 Full Profile
None