Lucene search

K
ibmIBME94FAC380EC7F3580722F64B216A26E158521C27045B3920C583DC7EE2D51588
HistorySep 15, 2022 - 6:44 p.m.

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with WebSphere Process Server (CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

2022-09-1518:44:10
www.ibm.com
31

0.051 Low

EPSS

Percentile

92.9%

Summary

WebSphere Application Server (WAS) is shipped as a component of WebSphere Process Server. Information about security vulnerabilities affecting WebSphere Application Server has been published in a security bulletin. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”.

Vulnerability Details

Please consult Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server January 2016 CPU (CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448) for vulnerability details and information about fixes.

Affected Products and Versions

  • WebSphere Process Server 7.0.x
  • WebSphere Process Server Hypervisor Editions V7.0

General support for WebSphere Process Server ended 2015-04-30. Hypervisor editions were in support until 2015-09-30. You are strongly advised to upgrade to a supported product such as IBM Business Process Manager Advanced Edition.

Remediation/Fixes

Please consult Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server January 2016 CPU (CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448) for vulnerability details and information about fixes.

Workarounds and Mitigations

None

0.051 Low

EPSS

Percentile

92.9%