Lucene search
IBMAF388E39C7E2E10DD256A994A7614BE6548AFD499348BD3FBC811B6F8EC85BA5HistoryFeb 21, 2022 - 2:18 p.m.
Security Bulletin: Security vulnerability in WebSphere Application Server Liberty shipped with Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises (CVE-2021-39031)
2022-02-2114:18:12
www.ibm.com
4
Summary
IBM WebSphere Application Server Liberty is shipped with IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises. WebSphere Application Server Liberty is vulnerable to LDAP Injection.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Predictive Maintenance and Quality | 1.0.x |
| IBM Predictive Maintenance and Quality | 2.5.x |
| IBM Predictive Maintenance and Quality | 2.0.x |
| IBM Maximo APM - Predictive Maintenance Insights On-Premises | 1.0.3 |
Remediation/Fixes
Vulnerability details:
WebSphere Application Server Liberty is vulnerable to LDAP Injection. This has been addressed. The recommended solution is to upgrade to Interim Fix or Fix Pack version on WebSphere Application Server Liberty for IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises installations.
Security bulletin link: <https://www.ibm.com/support/pages/node/6550488>
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| predictive maintenance and quality | eq | 2.6.3 |
Related
ibm
ibm
cnvd
cnvd
IBM WebSphere Application Server Injection Vulnerability (CNVD-2022-07636)
2022-01-27 00:00:00
prion
prion
Design/Logic Flaw
2022-01-25 17:15:00
cve
cve
CVE-2021-39031
2022-01-25 17:15:00
Related for AF388E39C7E2E10DD256A994A7614BE6548AFD499348BD3FBC811B6F8EC85BA5