IBM Tivoli Monitoring WebSphere Application Server and IHS Upgrade ( 6.X.X-TIV-ITM_TEPS_WAS-IHS

Download

Abstract

This patch provides an update for the IBM Tivoli Monitoring (ITM) WebSphere components.

Download Description

This fix upgrades the WebSphere Application Server (eWAS) and IHS which is shipped as part of the IBM Tivoli Monitoring portal server, to version 8.5.5.18 plus additional Interim Fixes referred to as Interim Fix Block 1. Note this is cumulative and includes previous Interim fixes plus the additional fixes below.

The Interim Fixes included as part of Interim Fix Block 1 include:
PH19528: Denial of Service in WebSphere Application Server (CVE-2019-4720)
PH23853: WebSphere Application Server is vulnerable to a privilege escalation vulnerability (CVE-2020-4362 and CVE-2020-4276)
PH21511: Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2020-4276).
PH25074: WebSphere Application Server IIOP Deserialization Vulnerability (CVE-2020-4449 and CVE-2020-4450)
PH26952: IBM WebSphere Application Server SOAP Deserialization Vulnerability (CVE-2020-4464)
PH26083: WebSphere Application Server Code Execution Vulnerability by local users (CVE-2020-4534)
PH20847: Information disclosure in WebSphere Application Server (CVE-2020-4329)
PH23638: Server-side request forgery in WebSphere Application Server Admin Console (CVE-2020-4365)
PH26761: Vulnerability in Apache Batik affects WebSphere Application Server Apache Batik open source (CVE-2019-17566)
PH27509: WebSphere Application Server XXE Injection Vulnerability (CVE-2020-4643)
PH26220: WebSphere Application Server is vulnerable to cross-site scripting (CVE-2020-4578)

Prerequisites

Required	URL	Language
IBM Tivoli Monitoring 6.3.0 Fix Pack 7 Service Pack 5 or later service pack	https://www.ibm.com/support/pages/node/6174183	English

Download Package

Download	Release Date	Language	Download Options What is Fix Central(FC)
6.X.X-TIV-ITM_TEPS_EWAS-IHS_ALL_8.55.18.01	22 October 2020	English	FC

How critical is this fix?

This fix addresses issues as reported in the following notice:

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server

Change History

Created/Revised By	Date (YYYY/MM/DD)	Summary of changes
DMH	2020/10/22	Document published

Off

[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSTFXA","label":"Tivoli Monitoring"},"ARM Category":[{"code":"a8m500000008bmsAAA","label":"TEPS Category->TEPS eWAS"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"6.3.0"}]

Product Synonym

ITM

Was this topic helpful?

Document Information

Modified date:
07 December 2020

UID

ibm16350173

Tips

IBM Tivoli Monitoring WebSphere Application Server and IHS Upgrade ( 6.X.X-TIV-ITM_TEPS_WAS-IHS_8.55.18.01)