Medium Severity

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to Identity Spoofing (CVE-2022-22476)

Share this post:

IBM WebSphere Application Server Liberty is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed.

CVE(s): CVE-2022-22476

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM WebSphere Application Server Liberty 17.0.0.3 – 22.0.0.7

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6602015
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/225604

More stories

Security Bulletin: A vulnerability in IBM Java Runtime affects SPSS Collaboration and Deployment Services (CVE-2022-21496)

September 28, 2022 | Medium Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by SPSS Collaboration and Deployment Services. This issue has been addressed. ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)

September 28, 2022 | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVEs. ...read more


Security Bulletin: Vulnerabilities in IBM Semeru Runtime affect SPSS Collaboration and Deployment Services (CVE-2022-21496, CVE-2022-21426)

September 28, 2022 | Medium Severity

There are vulnerabilities in IBM® Semeru Runtime Open Edition 11 used by SPSS Collaboration and Deployment Services. The issues have been addressed. ...read more