Lucene search

K
ibmIBMF3255C69CAE159B5EAA72A9B015DEA0E75B138B66DBE6175E93384AAD7A7BC3D
HistoryMar 04, 2022 - 7:18 p.m.

Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with WebSphere Remote Server

2022-03-0419:18:28
www.ibm.com
27
ibm http server
websphere remote server
cve-2021-45960
cve-2022-22822
cve-2022-23990
cve-2022-22823
cve-2022-23852
cve-2022-22825
cve-2021-46143
cve-2022-22824
cve-2022-22826
cve-2022-22827
expat vulnerabilities

EPSS

0.016

Percentile

87.8%

Summary

IBM HTTP Server is shipped with WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server have been published in a security bulletin (CVE-2021-45960, CVE-2022-22822, CVE-2022-23990, CVE-2022-22823, CVE-2022-23852, CVE-2022-22825, CVE-2021-46143, CVE-2022-22824, CVE-2022-22826, and CVE-2022-22827).

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
IBM WebSphere Remote Server - Product Family 9.0, 8.5, 7.1, 7.0

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and information about fixes addressed by IBM HTTP Server which is shipped with WebSphere Remote Server.

Principal Product and Version(s)

|

Affected Supporting Product and Version

|

Affected Supporting Product Security Bulletin

—|—|—

WebSphere Remote Server
9.0, 8.5, 7.1, 7.0

|

IBM HTTP Server 9.0, 8.5, 8.0, 7.0

|

Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server due to Expat vulnerabilities

Workarounds and Mitigations

None