Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM PureApplication System (CVE-2015-2017)

Summary

IBM WebSphere Application Server is shipped as a component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Consult the security bulletin HTTP response splitting attack in IBM WebSphere Application Server (CVE-2015-2017) for vulnerability details and information about fixes.

The WebSphere fixes can be installed using the IBM PureApplication System’s Installation Manager Repository feature.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
PureApplication System versions 2.0 and 2.1| IBM WebSphere Application Server 7.0.0.37
IBM WebSphere Application Server 8.0.0.11
IBM WebSphere Application Server 8.5.5.7