Download
Downloadable File
| File link | File size | File description |
|---|---|---|
Abstract
IBM WebSphere Application Server is vulnerable to information disclosure (CVE-2023-50315 CVSS 5.3)
Download Description
PH58798 resolves the following problem:
ERROR DESCRIPTION:
Confidential for Security Integrity interim fix CVE-2023-50315.
The fix for this APAR is targeted for inclusion in 8.5.5.27 and 9.0.5.21.
For more information, see Recommended Updates for WebSphere Application Server:
https://www.ibm.com/support/pages/node/715553
This fix supersedes (includes) the fix for PH58869, PH59304, PH59682, PH61068, PH61385, PH61808
ERROR DESCRIPTION:
Confidential for Security Integrity interim fix CVE-2023-50315.
The fix for this APAR is targeted for inclusion in 8.5.5.27 and 9.0.5.21.
For more information, see Recommended Updates for WebSphere Application Server:
https://www.ibm.com/support/pages/node/715553
Supersedes Info:
This fix supersedes (includes) the fix for PH58869, PH59304, PH59682, PH61068, PH61385, PH61808
Potential Side Effects:
After this fix installed, for all outbound connections, the runtime now checks to make sure that the hostname value from the target server's certificate matches the hostname value used for the connection. You can configure your server to tolerate mismatched certificates:
Prerequisites
None
Download Package
|
IMPORTANT NOTE:
|
WebSphere Application Server and Liberty fix access requires S&S Entitlement beginning in 2021. Use properly registered IDs to download the fixes in this table.
Signature file is provided along with interim fix. See Verifying WebSphere Application Server release packages and Verifying Liberty release packages. |
| DOWNLOAD | RELEASE DATE | SIZE(Bytes) |
URL |
|---|---|---|---|
| 9.0.5.20-WS-WAS-IFPH58798 | 12 August 2024 | 8094655 | FC |
| 9.0.5.19-WS-WAS-IFPH58798 | 12 August 2024 | 8111775 | FC |
| 8.5.5.26-WS-WAS-IFPH58798 | 12 August 2024 | 7412086 | FC |
| 8.5.5.25-WS-WAS-IFPH58798 | 12 August 2024 | 7441752 | FC |
Note: FC stands for Fix Central. Review the What is Fix Central (FC)? FAQs for more details.
Problems Solved
PH58798, PH58869, PH59304, PH59682, PH61068, PH61385, PH61808
On
Technical Support
Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"8.5.5.25;8.5.5.26;9.0.5.19;9.0.5.20","Edition":"Base","Line of Business":{"code":"LOB67","label":"IT Automation \u0026 App Modernization"}}]
Problems (APARS) fixed
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
14 August 2024
UID
ibm17165326