Fixes are available
Download ISF roll-up 5 for InfoSphere Information Server Version 11.5.0.1
Download ISF roll-up 7 for InfoSphere Information Server Version 11.3.1.2
Download ISF roll-up 6 for InfoSphere Information Server Version 11.5.0.1
Download ISF roll-up 8 for InfoSphere Information Server Version 11.3.1.2
Download ISF roll-up 12 for InfoSphere Information Server Version 9.1.2
APAR status
Closed as program error.
Error description
Information Server contains a Path-relative stylesheet import vulnerability
Local fix
Problem summary
**************************************************************** USERS AFFECTED: Users of Information Server. **************************************************************** PROBLEM DESCRIPTION: Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page in qirks mode thereby facilitating an attacker to inject malicious CSS. **************************************************************** RECOMMENDATION: Refer to Security bulletin http://www.ibm.com/support/docview.wss?uid=swg21995155 for actions to perform. ****************************************************************
Problem conclusion
Code fix needed in Information Server framework and DataStage
Temporary fix
Comments
APAR Information
APAR number
JR56946
Reported component name
INFO SRVR PLATF
Reported component ID
5724Q3612
Reported release
B50
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2016-11-17
Closed date
2017-01-09
Last modified date
2017-01-11
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
INFO SRVR PLATF
Fixed component ID
5724Q3612
Applicable component levels
R870 PSY
UP
R912 PSY
UP
RB31 PSY
UP
RB50 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSZJPZ","label":"InfoSphere Information Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"11.5","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Document Information
Modified date:
14 October 2021