Assessing WebSphere vulnerabilities
IBM Concert continuously evaluates registered WebSphere servers against vulnerability advisory data to identify known vulnerabilities and affected components.
Before you begin
Ensure that:
- The Websphere_Advisory_Workflow and Websphere_Assessment_Workflow are configured and scheduled.
- WebSphere servers are registered in Concert.
- The Websphere_Advisory_Workflow is successfully ingesting vulnerability advisory data.
Procedure
- In IBM Concert, go to Vulnerability.
- Review the detected vulnerabilities for your WebSphere environments.
- Select a vulnerability to view additional details.
For each vulnerability, you can view:
- Severity and risk level
- CVSS score
- Vulnerability description
- Affected product versions
- Available fixes
- Associated WebSphere servers and components
- Review the vulnerability blast radius to identify affected servers and impacted components across your environment.
Results
After assessment:
- Vulnerabilities are mapped to affected WebSphere servers.
- Impacted components are identified.
- Recommended fixes are identified and associated with affected servers when supported remediation is available.
- Remediation actions are created automatically for vulnerabilities that have supported fixes.