Lucene search

K
ibmIBM7147B72B0537A00393FB808533C114E94C4EC044FE8F06504C604464F1FBA696
HistoryMar 31, 2022 - 2:52 a.m.

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721)

2022-03-3102:52:28
www.ibm.com
66
ibm security access manager
ibm websphere application server
ibm http server
cve-2022-22719
cve-2022-22720
cve-2022-22721

EPSS

0.314

Percentile

97.0%

Summary

IBM Security Access Manager for Enterprise Single Sign-On includes IBM WebSphere Application Server. IBM WebSphere Application Server in turn uses IBM HTTP Server. Information about vulnerabilities in IBM HTTP Server affecting IBM WebSphere Application Server has been published in a security bulletin (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721).

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
IBM Security Access Manager for Enterprise Single-Sign On 8.2.0, 8.2.1, 8.2.2

Remediation/Fixes

IBM strongly encourages customers to update their systems rapidly.

Principal Product and Version(s) Affected Supporting Product and Version Affected Supporting Product Security Bulletin
IBM Security Access Manager for Enterprise Single Sign-On 8.2.0 IBM WebSphere Application Server 7.0 Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721)
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 IBM WebSphere Application Server 7.0, 8.5 Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721)
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 IBM WebSphere Application Server 8.5 Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721)

Workarounds and Mitigations

None