Security Bulletin:A security vulnerability has been identified in IBM HTTP Server used by IBM WebSphere Application Server which is shipped with IBM PureApplication System (CVE-2015-1283)

2018-06-1507:04:29

www.ibm.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON

Summary

IBM WebSphere Application Server is shipped as a component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Consult the security bulletin Denial of service may affect IBM HTTP Server (CVE-2015-1283) for vulnerability details and information about fixes.

The WebSphere fixes can be installed using the IBM PureApplication System’s Installation Manager Repository feature.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
PureApplication System versions 2.0 and 2.1| IBM WebSphere Application Server 7.0.0.37
IBM WebSphere Application Server 8.0.0.11
IBM WebSphere Application Server 8.5.5.6

CPENameOperatorVersion
pureapplication systemeq2.1.2.0
pureapplication systemeq2.1.1.0
pureapplication systemeq2.1.0.2
pureapplication systemeq2.1.0.1
pureapplication systemeq2.1.0.0
pureapplication systemeq2.0.0.1
pureapplication systemeq2.0

Name	Operator	Version
pureapplication system	eq	2.1.2.0
pureapplication system	eq	2.1.1.0
pureapplication system	eq	2.1.0.2
pureapplication system	eq	2.1.0.1
pureapplication system	eq	2.1.0.0
pureapplication system	eq	2.0.0.1
pureapplication system	eq	2.0