Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (SKLM) (CVE-2017-1380)

Summary

IBM WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager (SKLM). Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin Security Bulletin: Cross-site scripting vulnerability in Admin Console for WebSphere Application Server (CVE-2017-1380) for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Security Key Lifecycle Manager (SKLM) v2.5 on distributed platforms | WebSphere Application Server v8.5.5
IBM Security Key Lifecycle Manager (SKLM) v2.6 on distributed platforms | WebSphere Application Server v8.5.5.7
IBM Security Key Lifecycle Manager (SKLM) v2.7 on distributed platforms | WebSphere Application Server v9.0.0.1