Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Security Policy Manager (CVE-2017-1380)

Summary

IBM WebSphere Application Server (WAS) is shipped as a component of IBM Tivoli Security Policy Manager (TSPM). Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin, Cross-site scripting vulnerability in Admin Console for WebSphere Application Server (CVE-2017-1380), for vulnerability details and information about fixes.

Affected Products and Versions

Product Version

| WebSphere version
—|—
TSPM 7.1| WAS V6.1, V7.0

Note: TSPM is comprised of TSPM and Runtime Security Services (RTSS).