Security Bulletin: Potential denial of service vulnerability in WebSphere Application Server may affect IBM InfoSphere Global Name Management (CVE-2019-4046)

Summary

There is a potential denial of service vulnerability in WebSphere Application Server shipped as part of IBM Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations.

Vulnerability Details

CVE(s):CVE-2019-4046

Link to security bulletin: <https://www-01.ibm.com/support/docview.wss?uid=ibm10869570&gt;

Affected Products and Versions

IBM InfoSphere Global Name Management 6.0

IBM InfoSphere Global Name Management 5.0

Remediation/Fixes

IBM InfoSphere Global Name Management 6.0: Apply WebSphere Liberty fix pack 19.0.0.4 or later**.**

**IBM InfoSphere Global Name Management 5.0:**Upgrade to WebSphere Application Server Fix Pack 8.0.0.15, and then apply Interim Fix PH06340.
DISCLAIMER: This version of the product uses Java 6, which is now beyond end of support. Customers using IBM InfoSphere Global Name Management 5.0 are encouraged to move to IBM InfoSphere Global Name Management 6.0