Download
Downloadable File
File link | File size | File description |
---|---|---|
Abstract
WebSphere Liberty is vulnerable to remote code execution due to Dojo (CVE-2021-23450 CVSS 9.8)
Download Description
PH43817 resolves the following problem:
ERROR DESCRIPTION:
WebSphere Liberty is vulnerable to remote code execution due to Dojo (CVE-2021-23450 CVSS 9.8)
The APAR for this issue that applies to WebSphere Application Server is PH43148.
PROBLEM SUMMARY:
WebSphere Liberty is vulnerable to remote code execution due to Dojo (CVE-2021-23450 CVSS 9.8)
PROBLEM CONCLUSION:
Confidential for CVE-2021-23450 CVSS 9.8.
The fix for this APAR is currently targeted for inclusion in fix packs Liberty 22.0.0.3.
For more information, see 'Recommended Updates for WebSphere Application Server':
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Prerequisites
None
Installation Instructions
Review the readme.txt for detailed installation instructions.
URL | SIZE (Bytes) |
---|---|
22.0.0.2 IM readme file | 2039 |
21.0.0.12 IM readme file | 2076 |
21.0.0.9 Archive readme file | 2687 |
21.0.0.12 Archive readme file | 2626 |
22.0.0.2 Archive readme file | 2622 |
Download Package
Important note: WebSphere Application Server and Liberty fix access requires S&S Entitlement in 2021. Use properly registered IDs to download the fixes in this table.
DOWNLOAD | RELEASE DATE | SIZE (BYTES) | FIXPACK | URL |
---|---|---|---|---|
Installation Manager fixes | ||||
22.0.0.2-WS-WLP-IFPH43817 | 14 February 2022 | 8794762 | 22.0.0.2 | FC |
21.0.0.12-WS-WLP-IFPH43817 | 14 February 2022 | 8787268 | 21.0.0.12 | FC |
21.0.0.9-WS-WLP-IFPH43817 | 14 February 2022 | 9096731 | 21.0.0.9 | FC |
Archive fixes | ||||
21009-wlp-archive-IFPH43817 | 14 February 2022 | 9034010 | 21.0.0.9 | FC |
210012-wlp-archive-IFPH43817 | 14 February 2022 | 8724970 | 21.0.0.12 | FC |
22002-wlp-archive-IFPH43817 | 14 February 2022 | 8732937 | 22.0.0.2 | FC |
Note: FC stands for Fix Central. Review the What is Fix Central (FC)? FAQs for more details.
Problems Solved
PH43817
On
Technical Support
Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF014","label":"iOS"},{"code":"PF035","label":"z\/OS"},{"code":"PF010","label":"HP-UX"},{"code":"PF027","label":"Solaris"},{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF017","label":"Mac OS"},{"code":"PF033","label":"Windows"}],"Version":"21.0.0.12;21.0.0.9;22.0.0.2","Edition":"Base","Line of Business":{"code":"LOB45","label":"Automation"}}]
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
22 February 2022
UID
ibm16556718