PH40343:Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server (CVE-2021-40438 CVSS 7.4 and more)

Download

Downloadable File

File link	File size	File description

Abstract

Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server (CVE-2021-40438 CVSS 7.4 and more)

Download Description

View the Security Bulletin (CVE-2021-34798 and CVE-2021-40438)

View the Security Bulletin(CVE-2021-39275)

PH40343 resolves the following problem:

ERROR DESCRIPTION:
Confidential for Security Integrity ifix CVE-2021-40438, CVE-2021-34798, CVE-2021-39275

PROBLEM SUMMARY:
Confidential for Security Integrity ifix CVE-2021-40438, CVE-2021-34798, CVE-2021-39275

PROBLEM CONCLUSION:
Confidential for CVE-2021-40438, CVE-2021-34798, CVE-2021-39275

The fix for this APAR is currently targeted for inclusion
in fix packs 8.5.5.21 and 9.0.5.10

This interim fix supersedes (includes) the fixes for the following APARS: PH35771, PH36939, PH3966

For more information, see 'Recommended Updates for WebSphere Application Server':
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

None

Installation Instructions

Review the readme.txt for detailed installation instructions.

URL	SIZE(Bytes)
V90 readme	1441
V90 readme	2077
V85 readme	1997
V80 readme	1982
V70 readme	5007

Download Package

IMPORTANT NOTE:	WebSphere Application Server and Liberty fix access requires S&S Entitlement in 2021. Use properly registered IDs to download the fixes in this table.

DOWNLOAD	RELEASE DATE	SIZE(Bytes)	DOWNLOAD Options What is Fix Central(FC)?
9.0.5.9-WS-WASIHS-IFPH40343	28 September 2021	11579399	FC
9.0.5.8-WS-WASIHS-IFPH40343	28 September 2021	11579425	FC
8.5.5.20-WS-WASIHS-IFPH40343	28 September 2021	11463472	FC
8.5.5.19-WS-WASIHS-IFPH40343	28 September 2021	11579772	FC
9.0.5.9-WS-WASIHS_Archive-AixPPC64-IFPH40343	28 September 2021	28630894	FC
9.0.5.9-WS-WASIHS_Archive-LinuxPPC64LE-IFPH40343	28 September 2021	26810799	FC
9.0.5.9-WS-WASIHS_Archive-LinuxS39064-IFPH40343	28 September 2021	27864906	FC
9.0.5.9-WS-WASIHS_Archive-LinuxX64-IFPH40343	28 September 2021	26282835	FC
9.0.5.9-WS-WASIHS_Archive-WinX32-IFPH40343	28 September 2021	33250166	FC
9.0.5.9-WS-WASIHS_Archive-WinX64-IFPH40343	28 September 2021	35435578	FC
8.0.0.15-WS-WASIHS-IFPH40343	28 September 2021	76121210	FC
7.0.0.45-WS-WASIHS-AixPPC32-IFPH40343	28 September 2021	3759699	FC
7.0.0.45-WS-WASIHS-HpuxIA64-IFPH40343	28 September 2021	9376067	FC
7.0.0.45-WS-WASIHS-HpuxPaRISC-IFPH40343	28 September 2021	3582909	FC
7.0.0.45-WS-WASIHS-LinuxPPC32-IFPH40343	28 September 2021	2825229	FC
7.0.0.45-WS-WASIHS-LinuxS390-IFPH40343	28 September 2021	2823628	FC
7.0.0.45-WS-WASIHS-LinuxX32-IFPH40343	28 September 2021	2513007	FC
7.0.0.45-WS-WASIHS-SolarisSparc-IFPH40343	28 September 2021	5232290	FC
7.0.0.45-WS-WASIHS-SolarisX64-IFPH40343	28 September 2021	2720560	FC
7.0.0.45-WS-WASIHS-WinX32-IFPH40343	28 September 2021	5031107	FC

Problems Solved

PH40343

Technical Support

Contact IBM Support at https://www.ibm.com/software/mysupport/s/ or 1-800-IBM-SERV (US only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"IBM HTTP Server"},"Component":"IBM HTTP Server","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"},{"code":"PF010","label":"HP-UX"},{"code":"PF027","label":"Solaris"},{"code":"PF035","label":"z\/OS"},{"code":"PF017","label":"Mac OS"}],"Version":"7.0.0.45;8.0.0.15;8.5.5.19;8.5.5.20;9.0.5.8;9.0.5.9","Edition":"Base","Line of Business":{"code":"LOB45","label":"Automation"}}]

Problems (APARS) fixed
PH40343

Was this topic helpful?

Document Information

Modified date:
30 August 2022

UID

ibm16493791

Tips