Download
Downloadable File
| File link | File size | File description |
|---|---|---|
Abstract
IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery due to Apache CXF (CVE-2022-46364 CVSS 9.8)
Download Description
PH52095 resolves the following problem:
ERROR DESCRIPTION:
Confidential for Security Integrity interim fix CVE-2022-46364.
PROBLEM SUMMARY:
Confidential for Security Integrity interim fix CVE-2022-46364.
PROBLEM CONCLUSION:
Confidential for CVE-2022-46364.
The fix for this APAR is targeted for inclusion in Liberty fix pack 23.0.0.2.
For more information, see Recommended Updates for WebSphere Application Server:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
ERROR DESCRIPTION:
Confidential for Security Integrity interim fix CVE-2022-46364.
PROBLEM SUMMARY:
Confidential for Security Integrity interim fix CVE-2022-46364.
PROBLEM CONCLUSION:
Confidential for CVE-2022-46364.
The fix for this APAR is targeted for inclusion in Liberty fix pack 23.0.0.2.
For more information, see Recommended Updates for WebSphere Application Server:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Prerequisites
None
Installation Instructions
Review the readme.txt for detailed installation instructions.
| URL | SIZE(Bytes) |
|---|---|
| 23.0.0.1 IM readme file | 2183 |
| 22.0.0.12 IM readme file | 2194 |
| 23.0.0.1 archive readme file | 2183 |
| 22.0.0.12 archive readme file | 2582 |
| 22.0.0.9 archive readme file | 2578 |
Download Package
|
IMPORTANT NOTE:
|
WebSphere Application Server and Liberty fix access requires S&S Entitlement beginning in 2021. Use properly registered IDs to download the fixes in this table.
|
| DOWNLOAD | RELEASE DATE | SIZE(Bytes) |
URL |
|---|---|---|---|
| 23001-wlp-archive-IFPH52095 | 02 February 2023 | 7642295 | FC |
| 220012-wlp-archive-IFPH52095 | 02 February 2023 | 7637178 | FC |
| 22009-wlp-archive-IFPH52095 | 02 February 2023 | 7631270 | FC |
| 23.0.0.1-WS-WLP-IFPH52095 | 02 February 2023 | 7704440 | FC |
| 22.0.0.12-WS-WLP-IFPH52095 | 02 February 2023 | 7699642 | FC |
| 22.0.0.9-WS-WLP-IFPH52095 | 02 February 2023 | 7693427 | FC |
Note: FC stands for Fix Central. Review the What is Fix Central (FC)? FAQs for more details.
Problems Solved
PH52095
Change History
15 May 2023: Update CVSS score from 7.5 to 9.8.
On
Technical Support
Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF017","label":"Mac OS"},{"code":"PF033","label":"Windows"},{"code":"PF014","label":"iOS"},{"code":"PF035","label":"z\/OS"}],"Version":"22.0.0.12;22.0.0.9;23.0.0.1","Edition":"Base","Line of Business":{"code":"LOB45","label":"Automation"}}]
Problems (APARS) fixed
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
15 May 2023
UID
ibm16953471