Security Bulletin: Vulnerability in WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2022-22477)

2022-07-2803:05:39

www.ibm.com

0.001 Low

EPSS

Percentile

26.6%

JSON

Summary

IBM WebSphere Application Server is shipped with IBM Security Access Manager for Enterprise Single Sign-On. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Security Access Manager for Enterprise Single-Sign On	8.2.1, 8.2.2

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now by updating your systems.

Principal Product and Version(s)	Affected Supporting Product and Version	Affected Supporting Product Security Bulletin
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1, 8.2.2	IBM WebSphere Application Server 8.5	Security Bulletin: IBM WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477)

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security access manager for enterprise single sign-oneq8.2.1
ibm security access manager for enterprise single sign-oneq8.2.2