Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway

Summary

IBM WebSphere Application Server is shipped as a component of IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway. Information about multiple security vulnerabilities affecting the IBM HTTP server component of IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin, Multiple vulnerabilities in the IBM HTTP Server (CVE-2017-15710, CVE-2017-15715, CVE-2018-1301), for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Tivoli Federated Identity Manager 6.2
IBM Tivoli Federated Identity Manager Business Gateway 6.2| IBM WebSphere Application Server 7.0
IBM Tivoli Federated Identity Manager 6.2.1
IBM Tivoli Federated Identity Manager Business Gateway 6.2.1| IBM WebSphere Application Server 7.0
IBM Tivoli Federated Identity Manager 6.2.2
IBM Tivoli Federated Identity Manager Business Gateway 6.2.2| IBM WebSphere Application Server 7.0, 8.0, 8.5