Lucene search

IBMD14FF08FA42A2ED5897EF7CEAC52EFBCDCA076973D0DE34B31211B8529CDC932

HistoryJun 30, 2023 - 11:34 a.m.

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server shipped with IBM Business Automation Workflow April 2023 CPU

2023-06-3011:34:54

www.ibm.com

ibm

java sdk

websphere application server

business automation workflow

security bulletin

vulnerability

upgrade

unsupported versions

remediation

fixes

JSON

Summary

WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)	Status	Note
IBM Business Automation Workflow traditional

V23.0.1
V22.0.1 - v22.0.2
V21.0.1 - V21.0.3.1
V20.0.0.1 - V20.0.0.2
V19.0.0.1 - V19.0.0.3
V18.0.0.0 - V18.0.0.2

| Affected| Cumulative Fixes cannot automatically install interim fixes for the base Application Server. It is important to follow the complete installation instructions and manually ensure that recommended security fixes are installed.
IBM Business Automation Workflow Enterprise Service Bus| V23.0.1
V22.0.2| Affected| Cumulative Fixes cannot automatically install interim fixes for the base Application Server. It is important to follow the complete installation instructions and manually ensure that recommended security fixes are installed.

For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.

Remediation/Fixes

Please consult the security bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2023 CPU for vulnerability details and information about fixes.

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmbusiness_automation_workflowMatch18.0.0.0

ibmbusiness_automation_workflowMatch18.0.0.1

ibmbusiness_automation_workflowMatch18.0.0.2

ibmbusiness_automation_workflowMatch19.0.0.1

ibmbusiness_automation_workflowMatch19.0.0.2

ibmbusiness_automation_workflowMatch19.0.0.3

ibmbusiness_automation_workflowMatch20.0.0.1

ibmbusiness_automation_workflowMatch20.0.0.2

ibmbusiness_automation_workflowMatch21.0.2

ibmbusiness_automation_workflowMatch21.0.3

ibmbusiness_automation_workflowMatch22.0.1

ibmbusiness_automation_workflowMatch22.0.2

ibmbusiness_automation_workflowMatch23.0.1

ibmbusiness_process_manager_enterprise_service_busMatch22.0.2

ibmbusiness_process_manager_enterprise_service_busMatch23.0.1

CPENameOperatorVersion
ibm business automation workfloweq18.0.0.0
ibm business automation workfloweq18.0.0.1
ibm business automation workfloweq18.0.0.2
ibm business automation workfloweq19.0.0.1
ibm business automation workfloweq19.0.0.2
ibm business automation workfloweq19.0.0.3
ibm business automation workfloweq20.0.0.1
ibm business automation workfloweq20.0.0.2
ibm business automation workfloweq21.0.2
ibm business automation workfloweq21.0.3

Name	Operator	Version
ibm business automation workflow	eq	18.0.0.0
ibm business automation workflow	eq	18.0.0.1
ibm business automation workflow	eq	18.0.0.2
ibm business automation workflow	eq	19.0.0.1
ibm business automation workflow	eq	19.0.0.2
ibm business automation workflow	eq	19.0.0.3
ibm business automation workflow	eq	20.0.0.1
ibm business automation workflow	eq	20.0.0.2
ibm business automation workflow	eq	21.0.2
ibm business automation workflow	eq	21.0.3

Rows per page:

1-10 of 151

JSON