IBM WebSphere Application Server is shipped as a component of IBM Tivoli Key Lifecycle Manager / IBM Security Key Lifecycle Manager. Information about a security vulnerability affecting Websphere Application Server has been published in a security bulletin.
Please consult the security bulletin Security Bulletin: HTTP response splitting attack in WebSphere Application Server (CVE-2015-2017) for vulnerability details and information about fixes.
Principal Product and Version(s)
| Affected Supporting Product and Version
—|—
TKLM 1.0| WebSphere Application Server 6.1.0.0 through 6.1.0.47
TKLM 2.0| WebSphere Application Server 6.1.0.0 through 6.1.0.47
TKLM 2.0.1| WebSphere Application Server 6.1.0.0 through 6.1.0.47
SKLM 2.5| WebSphere Application Server V8.5.0.0 through 8.5.5.7