Medium Severity

Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server Liberty in IBM Cloud Private VM Quickstarter

Share this post:

There are multiple vulnerabiltities in WebSphere Application Server Liberty that is shipped with IBM WebSphere Application for IBM Cloud Private VM Quickstarter. There is an information disclosure and a bypass security vulnerability in WebSphere Application Server Liberty. There is a potential information disclosure vulnerability in IBM WebSphere Application Server. There is a clickjacking vulnerability in IBM WebSphere Application Server Liberty Admin Center. There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM WebSphere Application Server.

Affected product(s) and affected version(s):

These vulnerabilities affect the following versions and releases of IBM WebSphere Application Server for IBM Cloud Private VM Quickstarter:

  • 3.0

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/2494017

More stories

Security Bulletin: Vulnerability in IBM Java Runtime affects Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2019-2989)

Feb 17, 2020 7:00 pm EST | Medium Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 8 and Version 7 used by Watson Explorer and Watson Explorer Content Analytics Studio. Watson Explorer and Watson Explorer Content Analytics Studio have addressed the applicable CVE. ...read more


Security Bulletin: Bypass security restrictions in WebSphere Application Server Liberty affect IBM Operations Analytics – Log Analysis (CVE-2019-4304)

Feb 17, 2020 7:00 pm EST | Medium Severity

Inadequate session invalidation allow bypass security restrictions in WebSphere Application Server Liberty ...read more