IBM Support

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM InfoSphere Master Data Management Server (CVE-2016-2108 CVE-2016-2107 CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176)

Created by Ray Brandt on
Published URL:
https://www.ibm.com/support/pages/node/279743
279743

Security Bulletin


Summary

IBM WebSphere Application Server is shipped as a component of IBM InfoSphere Master Data Management Server . Information about a security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Consult the security bulletin Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server January 2016 CPU (CVE-2016-2108 CVE-2016-2107 CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176) for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

Affected Supporting Product and Version
IBM InfoSphere Master Data Management Server 9.xIBM WebSphere Application Server 7.0
IBM InfoSphere Master Data Management Server 10.0IBM WebSphere Application Server 7.0
IBM InfoSphere Master Data Management Server 10.1IBM WebSphere Application Server 8.0
IBM InfoSphere Master Data Management Standard/Advanced Edition 11.0IBM WebSphere Application Server 8.5
IBM InfoSphere Master Data Management Standard/Advanced Edition 11.3IBM WebSphere Application Server 8.5.5
IBM InfoSphere Master Data Management Standard/Advanced Edition 11.4IBM WebSphere Application Server 8.5.5
IBM InfoSphere Master Data Management Standard/Advanced Edition 11.5IBM WebSphere Application Server 8.5.5

Get Notified about Future Security Bulletins

Subscribe to My Notifications to be notified of important product support alerts like this.

References

Complete CVSS v2 Guide
On-line Calculator v2

Off

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

31 May 2016: Original version published

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

[{"Product":{"code":"SSWSR9","label":"IBM InfoSphere Master Data Management"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF010","label":"HP-UX"}],"Version":"10.0;10.0.0;10.1;10.1.0;11.0;11.0.0;11.3;9.0;9.1;11.4;9.7;9.5;9.2;11.5","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
27 April 2022

UID

swg21983635

Page Feedback