IBMAEC322D7B231A41EB50B885093083A12F434B90088B8332217FF86B6AE09FCABSecurity Bulletin: A security vulnerability has been identified in IBM HTTP Server used by IBM WebSphere Application Server which is shipped with IBM PureApplication System (CVE-2015-3183)
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
Summary
IBM WebSphere Application Server is shipped as a component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.
Vulnerability Details
Consult the security bulletin HTTP Request smuggling vulnerability may affect IBM HTTP Server (CVE-2015-3183) for vulnerability details and information about fixes.
The WebSphere fixes can be installed using the IBM PureApplication Systemβs Installation Manager Repository feature.
Affected Products and Versions
Principal Product and Version(s)
| Affected Supporting Product and Version
β|β
PureApplication System versions 2.0 and 2.1| IBM WebSphere Application Server 7.0.0.37
IBM WebSphere Application Server 8.0.0.11
IBM WebSphere Application Server 8.5.5.6
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N