APAR status
Closed as program error.
Error description
The following issues are falsely reported by various security scanning utilities and have been remediated; though the product was not vulnerable: CVE-2022-XXX
Local fix
Problem summary
This change addresses the following CVEs that might be flagged as false-positives by some security scanning tools. CVE-2022-24999 CVE-2022-3676 CVE-2022-39353 CVE-2022-40674 CVE-2022-31676 CVE-2022-2526
Problem conclusion
The fix will be in 10.5.0.3 & 10.0.1.11 & 2018.4.1.24 For a list of the latest fix packs available, please see: https://www.ibm.com/support/pages/node/83105
Temporary fix
Comments
APAR Information
APAR number
IT42523
Reported component name
DATAPOWER
Reported component ID
DP1234567
Reported release
A5X
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-12-02
Closed date
2022-12-14
Last modified date
2022-12-14
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DATAPOWER
Fixed component ID
DP1234567
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateways"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"A5X","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
15 December 2022