Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Network Manager IP Edition (CVE-2016-0359)

Summary

WebSphere Application Server is shipped as a component of IBM Tivoli Network Manager IP Edition. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin

Vulnerability Details

Please consult the security bulletin HTTP Response Splitting in WebSphere Application Server (CVE-2016-0359) for vulnerability details and information about fixes.

Affected Products and Versions

Affected Product and Version(s)

| Product and Version shipped as a component
—|—
IBM Tivoli Network Manager 3.8| IBM WebSphere version 6.1.0.x.
IBM Tivoli Network Manager 3.9| IBM WebSphere version 7.0.0.x
IBM Tivoli Network Manager 4.1| IBM WebSphere version 7.0.0.x
IBM Tivoli Network Manager 4.1.1| IBM WebSphere version 7.0.0.x
IBM Tivoli Network Manager 4.2| IBM WebSphere version 8.5.5.7 is not shipped as a component but Tivoli Network Manager 4.2 required IBM WebSphere version 8.5.5.7 to run.