IBM WebSphere Application Server Multiple Vulnerabilities
Last Update Date:
12 May 2017
Release Date:
11 May 2017
4763
Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in IBM SDK Java Technology Edition and Administrative Console of IBM WebSphere Application Server, which could lead to remote code execution, information disclosure, denial of service and data tampering.
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure
- Data Manipulation
System / Technologies affected
- IBM SDK, Java Technology Editions shipped with WebSphere Application Server Liberty up to 17.0.0.1.
- IBM SDK, Java Technology Editions shipped with IBM WebSphere Application Server Traditional Version 9.0.0.0 through 9.0.0.3, 8.5.0.0 through 8.5.5.11, Version 8.0.0.0 through 8.0.0.13, Version 7.0.0.0 through 7.0.0.43.
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix:
http://www-01.ibm.com/support/docview.wss?uid=swg22003016
http://www-01.ibm.com/support/docview.wss?uid=swg21998469
Vulnerability Identifier
- CVE-2017-3544
- CVE-2017-3539
- CVE-2017-3533
- CVE-2017-3514
- CVE-2017-3512
- CVE-2017-3511
- CVE-2017-3509
- CVE-2017-1289
- CVE-2016-9843
- CVE-2016-9842
- CVE-2016-9841
- CVE-2016-9840
- CVE-2017-1137
Source
Related Link
Share with