Download
Downloadable File
File link | File size | File description |
---|---|---|
Abstract
IBM WebSphere Application Server Liberty is vulnerable to Identity Spoofing (CVE-2022-22476 CVSS 5.0)
Download Description
This interim fix is superseded by a later interim fix
This fix is superseded by the fix for APAR PH48187. Download and install the fix for PH48187 to resolve PH47867.
This fix is superseded by the fix for APAR PH48187. Download and install the fix for PH48187 to resolve PH47867.
You can also use the Fix Central link later on this page to get a list of all the fixes that include PH47867.
PH47867 resolves the following problem:
ERROR DESCRIPTION:
IBM WebSphere Application Server Liberty is vulnerable to Identity Spoofing (CVE-2022-22476 CVSS 5.0)
PROBLEM SUMMARY:
IBM WebSphere Application Server Liberty is vulnerable to Identity Spoofing (CVE-2022-22476 CVSS 5.0)
ERROR DESCRIPTION:
IBM WebSphere Application Server Liberty is vulnerable to Identity Spoofing (CVE-2022-22476 CVSS 5.0)
PROBLEM SUMMARY:
IBM WebSphere Application Server Liberty is vulnerable to Identity Spoofing (CVE-2022-22476 CVSS 5.0)
PROBLEM CONCLUSION:
Confidential for CVE-2022-22476.
The fix for this APAR is currently targeted for inclusion in Liberty 22.0.0.8.
For more information, see 'Recommended Updates for WebSphere Application Server': http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
This fix supersedes (includes) the fixes for PH46072 and the original APAR for this CVE, PH46073.
Confidential for CVE-2022-22476.
The fix for this APAR is currently targeted for inclusion in Liberty 22.0.0.8.
For more information, see 'Recommended Updates for WebSphere Application Server': http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
This fix supersedes (includes) the fixes for PH46072 and the original APAR for this CVE, PH46073.
Prerequisites
None
Download Package
Important note: WebSphere Application Server and Liberty fix access requires S&S Entitlement in 2021. Use properly registered IDs to download fixes from Fix Central. For information about Fix Central, see What is Fix Central (FC)?.
Perform the following steps to locate and download interim fixes for your application server:
|
Problems Solved
PH47867
Change History
7/08/22: Removed links to fixes for PH46073
7/09/22: Changed the APAR from PH46073 to PH47867
7/11/22: Added links to fixes for PH47867
7/26/22: Added information about replacement APAR PH48187. Replaced direct fix links with a fix central query.
On
Technical Support
Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"},{"code":"PF017","label":"Mac OS"}],"Version":"22.0.0.3;22.0.0.6;22.0.0.7","Edition":"Base","Line of Business":{"code":"LOB45","label":"Automation"}}]
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
26 July 2022
UID
ibm16601887