Download
Abstract
WebSphere Application Server Liberty is vulnerable to LDAP Injection (CVE-2021-39031 CVSS 7.5)
Download Description
PH42489 resolves the following problem:
ERROR DESCRIPTION:
WebSphere Application Server Liberty is vulnerable to LDAP Injection (CVE-2021-39031 CVSS 7.5)
PROBLEM SUMMARY:
WebSphere Application Server Liberty is vulnerable to LDAP Injection (CVE-2021-39031 CVSS 7.5)
PROBLEM CONCLUSION:
Confidential for CVE-2021-39031.
The fix for this APAR is targeted for inclusion in Liberty fix pack 22.0.0.2.
For more information, see 'Recommended Updates for WebSphere Application Server':
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
ERROR DESCRIPTION:
WebSphere Application Server Liberty is vulnerable to LDAP Injection (CVE-2021-39031 CVSS 7.5)
PROBLEM SUMMARY:
WebSphere Application Server Liberty is vulnerable to LDAP Injection (CVE-2021-39031 CVSS 7.5)
PROBLEM CONCLUSION:
Confidential for CVE-2021-39031.
The fix for this APAR is targeted for inclusion in Liberty fix pack 22.0.0.2.
For more information, see 'Recommended Updates for WebSphere Application Server':
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Prerequisites
None
Installation Instructions
Review the readme.txt for detailed installation instructions.
| URL | SIZE (Bytes) |
|---|---|
| 22.0.0.1 IM readme file | 2200 |
| 21.0.0.12 IM readme file | 2210 |
| 21.0.0.11 IM readme file | 2201 |
| 22.0.0.1 Archive readme file | 2356 |
| 21.0.0.12 Archive readme file | 2360 |
| 21.0.0.11 Archive readme file | 2360 |
| 21.0.0.9 Archive readme file | 2356 |
Download Package
Important note: WebSphere Application Server and Liberty fix access requires S&S Entitlement in 2021. Use properly registered IDs to download the fixes in this table.
| DOWNLOAD | RELEASE DATE | SIZE (BYTES) | FIXPACK | URL |
|---|---|---|---|---|
| Installation Manager fixes | ||||
| 22.0.0.1-WS-WLP-IFPH42489 | 21 January 2022 | 1636139 | 22.0.0.1 | FC |
| 21.0.0.12-WS-WLP-IFPH42489 | 21 January 2022 | 1636173 | 21.0.0.12 | FC |
| 21.0.0.11-WS-WLP-IFPH42489 | 11 February 2022 | 1636240 | 21.0.0.11 | FC |
| 21.0.0.9-WS-WLP-IFPH42489 | 21 January 2022 | 1636035 | 21.0.0.9 | FC |
| Archive fixes | ||||
| 22001-wlp-archive-IFPH42489 | 21 January 2022 | 1575256 | 22.0.0.1 | FC |
| 210012-wlp-archive-IFPH42489 | 21 January 2022 | 1575292 | 21.0.0.12 | FC |
| 210011-wlp-archive-IFPH42489 | 11 February 2022 | 1575313 | 21.0.0.11 | FC |
| 21009-wlp-archive-IFPH42489 | 21 January 2022 | 1575161 | 21.0.0.9 | FC |
Note: FC stands for Fix Central. Review the What is Fix Central (FC)? FAQs for more details.
Problems Solved
PH42489
On
Technical Support
Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF035","label":"z\/OS"},{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF017","label":"Mac OS"},{"code":"PF033","label":"Windows"},{"code":"PF014","label":"iOS"}],"Version":"21.0.0.12;21.0.0.9;22.0.0.1","Edition":"Base","Line of Business":{"code":"LOB45","label":"Automation"}}]
Problems (APARS) fixed
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
14 February 2022
UID
ibm16549542