Oct 24, 2019 9:03 am EST
Categorized: Medium Severity
Share this post:
There is an information disclosure and a bypass security vulnerability in WebSphere Application Server Liberty. These vulnerabilities have been addressed.
CVE(s): CVE-2019-4304, CVE-2019-4305
Affected product(s) and affected version(s):
This vulnerability affects all versions of Liberty for Java in IBM Cloud up to and including v3.36.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1097014
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160950
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160951