APAR status
Closed as program error.
Error description
While an administrator is signed on to the Admin Console, some sensitive information can be found in clear text in storage for the Deployment manager - a dump of the DGMR taken on z/OS exposes this information.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server zOS V8.5 and 9.0 * **************************************************************** * PROBLEM DESCRIPTION: Sensitive information can be exposed * * in clear test format inside the dump * * files generated by WebSphere * * Application Server. * **************************************************************** * RECOMMENDATION: * **************************************************************** Sensitive information can be exposed in clear test format inside the dump files generated by WebSphere Application Server. The only way to confirm if the issue is caused by this issue is by collecting dump files in zOS
Problem conclusion
The code has been reviewed and updated to remove the exposure of the sensitive information The fix for this APAR is targeted for inclusion in fix pack 8.5.5.19 and 9.0.5.6. For more information, see 'Recommended Updates for WebSphere Application Server': https://www.ibm.com/support/pages/node/715553
Temporary fix
Comments
APAR Information
APAR number
PH28196
Reported component name
WEBSPHERE FOR Z
Reported component ID
5655I3500
Reported release
850
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-08-05
Closed date
2020-09-14
Last modified date
2020-09-14
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBSPHERE FOR Z
Fixed component ID
5655I3500
Applicable component levels
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SS7K4U","label":"WebSphere Application Server for z\/OS"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"850"}]
Document Information
Modified date:
15 September 2020