IBM Support

IZ55518: ROUTE OF IZ54310 - 36107 - CORRECT XSS VULNERABILITES IN THE SELF-SERVICE UI INTERFACE.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • 36107 - Correct XSS vulnerabilites in the self-service UI
    interface.
    A possible security condition may exist when someone passes a
    specific URL to an ITIM Administrator via cut and paste.
    

Local fix

Problem summary

  • Users affected:
    All customers using the Self Service UI.
    

Problem conclusion

  • This fix for this APAR is contained in the
    following maintenance packages:
    | Interim fix | 4.6.0-TIV-TIM-IF0093
    

Temporary fix

Comments

APAR Information

  • APAR number

    IZ55518

  • Reported component name

    IBM TIV ID MGR

  • Reported component ID

    5724C3403

  • Reported release

    460

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2009-07-17

  • Closed date

    2009-07-31

  • Last modified date

    2009-07-31

  • APAR is sysrouted FROM one or more of the following:

    IZ54310

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • SSUI
    

Fix information

  • Fixed component name

    IBM TIV ID MGR

  • Fixed component ID

    5724C3403

Applicable component levels

  • R460 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRMWJ","label":"IBM Security Identity Manager"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"460","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
31 July 2009