Download
Abstract
This patch provides an update for the IBM Tivoli Monitoring WebSphere components.
Download Description
This fix upgrades the WebSphere Application Server (WAS/IHS) which is shipped as part of the IBM Tivoli Monitoring portal server, to 8.5.5.26 plus more interim fixes referred to as interim fix Block 1.
Note this fix is cumulative and includes previous interim fixes plus more fixes.
The fixes included in interim fix Block 1 are:
PH61504:IBM WebSphere Application Server is vulnerable to identity spoofing (CVE-2024-37532 CVSS 8.8)
PH61489:IBM WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2024-35154 CVSS 7.2)
PH61893, PH62263: IBM HTTP Server is vulnerable to multiple vulnerabilities due to the included Apache HTTP Server
PH61546:IBM WebSphere Application Server is vulnerable to cross-site scripting (CVE-2024-35153 CVSS 4.8)
Prerequisites
| Required | URL | Language |
| IBM Tivoli Monitoring 6.3.0 Fix Pack 7 Service Pack 5 or later service pack | https://www.ibm.com/support/pages/node/6174183 | English |
Download Package
| Download | Release Date | Language | Download Options What is Fix Central(FC) |
| 6.X.X-TIV-ITM_TEPS_WAS-IHS_ALL_8.55.26.01 | Sep 5 2024 | English | FC |
How critical is this fix?
This fix addresses issues as reported in the following notices:
Change History
| Created or Revised By | Date YYYY/MM/DD | Summary of changes |
| DMH | 2024/09/05 | Document Published |
Off
[{"Line of Business":{"code":"LOB67","label":"IT Automation \u0026 App Modernization"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSTFXA","label":"Tivoli Monitoring"},"ARM Category":[{"code":"a8m500000008bmsAAA","label":"TEPS Category-\u003ETEPS eWAS"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"6.3.0"}]
Product Synonym
ITM
Was this topic helpful?
Document Information
Modified date:
05 September 2024
UID
ibm17166236