Medium Severity

Security Bulletin: Multiple Security Vulnerabilities Affect IBM WebSphere Application Server in IBM Cloud

Share this post:

There are multiple security vulnerabilities that affect the IBM WebSphere Application Server in the IBM Cloud. WebSphere Application Server Admin Console is vulnerable to cross-site scripting. WebSphere Application Server Liberty is vulnerable to a denial of service. WebSphere Application Server is vulnerable to an information exposure vulnerability. WebSphere Application Server is vulnerable to an information disclosure vulnerability. WebSphere Application Server is vulnerable to an information disclosure vulnerability. There is a vulnerability in the Hibernate Validator library used by WebSphere Application Server Liberty. Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server October 2020 CPU.

Affected product(s) and affected version(s):

These vulnerabilities affect the following versions and releases of IBM WebSphere Application Server in IBM Cloud:

  • Version 9.0
  • Version 8.5
  • Liberty

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6382238

More stories

Security Bulletin: Vulnerabilities in Java and WLP affects IBM Cloud Application Business Insights

Jul 29, 2021 8:08 pm EDT | Medium Severity

Vulnerabilities in Java and WLP affects IBM Cloud Application Business Insights ...read more


Security Bulletin: WebSphere Application Server is vulnerable to a Privilege Escalation vulnerability (CVE-2021-29736)

Jul 29, 2021 8:06 pm EDT | Medium Severity

WebSphere Application Server is vulnerable to a privilege escalation vulnerability. This has been addressed. ...read more


Security Bulletin: Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE) ( CVE-2021-20417, CVE-2021-20415)

Jul 29, 2021 8:00 pm EDT | Medium Severity

There are multiple vulnerabilities identified in IBM Guardium Data Encryption (GDE). These vulnerabilities have been fixed in GDE 4.0.0.5. Please apply the latest version to obtain the fixes. ...read more