Download
Downloadable File
| File link | File size | File description |
|---|---|---|
Abstract
XML External Entity (XXE) Injection vulnerability in WebSphere Application Server (CVE-2021-20353 CVSS 8.2)
Download Description
PH33228 resolves the following problem:
ERROR DESCRIPTION:
XML External Entity (XXE) Injection vulnerability in WebSphere Application Server (CVE-2021-20353)
LOCAL FIX:
PROBLEM SUMMARY:
XML External Entity (XXE) Injection vulnerability in WebSphere Application Server (CVE-2021-20353)
PROBLEM CONCLUSION:
The fix for this APAR is currently targeted for inclusion in fix packs 8.5.5.20 and 9.0.5.7.
Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
ERROR DESCRIPTION:
XML External Entity (XXE) Injection vulnerability in WebSphere Application Server (CVE-2021-20353)
LOCAL FIX:
PROBLEM SUMMARY:
XML External Entity (XXE) Injection vulnerability in WebSphere Application Server (CVE-2021-20353)
PROBLEM CONCLUSION:
The fix for this APAR is currently targeted for inclusion in fix packs 8.5.5.20 and 9.0.5.7.
Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Prerequisites
None
Installation Instructions
Review the readme.txt for detailed installation instructions.
| URL | SIZE(Bytes) |
|---|---|
| 9.0.5 Readme | 2366 |
| 9.0.0.11 Readme | 2320 |
| 8.5.5.19 Readme | 2309 |
| V85 Readme | 2435 |
| V80 Readme | 2414 |
| V70 Readme | 5093 |
Download Package
|
IMPORTANT NOTE:
|
WebSphere Application Server and Liberty fix access requires S&S Entitlement in 2021, use properly registered IDs to download fixes for WebSphere Application Server below.
|
| DOWNLOAD | RELEASE DATE | SIZE(Bytes) |
DOWNLOAD Options |
|---|---|---|---|
| 9.0.5.0-WS-WASProd-IFPH33228 | 09 February 2021 | 335689 | FC |
| 9.0.0.11-WS-WASProd-IFPH33228 | 07 April 2021 | 302947 | FC |
| 8.5.5.19-WS-WASProd-IFPH33228 | 15 February 2021 | 303037 | FC |
| 8.5.5.14-WS-WASProd-IFPH33228 | 09 February 2021 | 324731 | FC |
| 8.0.0.12-WS-WAS-IFPH33228 | 09 February 2021 | 269823 | FC |
| 7.0.0.41-WS-WAS-IFPH33228 | 09 February 2021 | 55828 | FC |
Problems Solved
PH33228
On
Technical Support
Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"7.0.0.41;7.0.0.43;7.0.0.45;8.0.0.12;8.0.0.13;8.0.0.14;8.0.0.15;8.5.5.14;8.5.5.15;8.5.5.16;8.5.5.17;8.5.5.18;9.0.5.0;9.0.5.1;9.0.5.2;9.0.5.3;9.0.5.4;9.0.5.5;9.0.5.6","Edition":"Base","Line of Business":{"code":"LOB45","label":"Automation"}}]
Problems (APARS) fixed
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
07 April 2021
UID
ibm16413689