Security Bulletin: Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Identity Manager

2022-10-1115:53:03

www.ibm.com

JSON

Summary

IBM WebSphere Application Server (WAS) is shipped with IBM Security Identity Manager (ISIM). Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Security Verify Governance, Identity Manager software component	10.0
ISIM	6.0.0
ISIM	6.0.2

Remediation/Fixes

Principal Product and Version(s)	Affected Supporting Product and Version(s)	Affected Supporting Product Security Bulletin
ISIM 6.0.0	WAS 7.0,8.5

Security Bulletin: IBM WebSphere Application Server traditional is vulnerable to Server-Side Request Forgery(CVE-2020-35282)

ISIM 6.0.2| WAS 9
ISVG 10.0| WAS 9|

Security Bulletin: IBM WebSphere Application Server traditional is vulnerable to Server-Side Request Forgery(CVE-2020-35282)

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security identity managereq6.0
ibm security identity managereq6.0.2
ibm security identity managereq10.0

Name	Operator	Version
ibm security identity manager	eq	6.0
ibm security identity manager	eq	6.0.2
ibm security identity manager	eq	10.0

JSON

Related for D64C4B90EC921ADE58D96F72A9A5F5EEA1915D554E138A3BE0D6D599092BBF3B