Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Key Lifecycle Manager / IBM Security Key Lifecycle Manager(CVE-2015-2017)

Summary

IBM WebSphere Application Server is shipped as a component of IBM Tivoli Key Lifecycle Manager / IBM Security Key Lifecycle Manager. Information about a security vulnerability affecting Websphere Application Server has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin Security Bulletin: HTTP response splitting attack in WebSphere Application Server (CVE-2015-2017) for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
TKLM 1.0| WebSphere Application Server 6.1.0.0 through 6.1.0.47
TKLM 2.0| WebSphere Application Server 6.1.0.0 through 6.1.0.47
TKLM 2.0.1| WebSphere Application Server 6.1.0.0 through 6.1.0.47
SKLM 2.5| WebSphere Application Server V8.5.0.0 through 8.5.5.7