Direct links to fixes
APAR status
Closed as program error.
Error description
Cross-site scripting vulnerability in WebSphere Applicaiton Server Admin Console
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: * * IBM Spectrum Control 5.2.x users, and IBM Tivoli Storage * * Productivity Center 5.1.x users * **************************************************************** * PROBLEM DESCRIPTION: * * SECURITY VULNERABILITY: Potential Cross-site scripting * * vulnerability in WebSphere Application Server * * (CVE-2017-1121) * * * * Security Bulletin: * * http://www-01.ibm.com/support/docview.wss?uid=swg22006027 * **************************************************************** * RECOMMENDATION: * * Apply fix maintenance when available * ****************************************************************
Problem conclusion
The fix for this APAR is targeted for the following maintenance packages: Fixed in IBM Spectrum Control 5.2.14, and Tivoli Storage Productivity Center 5.1.1.15 | refresh pack | 5.2-TIV-TPC-RP0014 - released May 2017 | fix pack | 5.1.1-TIV-TPC-FP0015 - released September 2017 http://www.ibm.com/support/docview.wss?&uid=swg21320822 The target dates for future refresh packs do not represent a formal commitment by IBM. The dates are subject to change without notice.
Temporary fix
Comments
APAR Information
APAR number
IT20657
Reported component name
TPC
Reported component ID
5608TPC00
Reported release
52D
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2017-05-18
Closed date
2017-09-14
Last modified date
2017-09-18
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TPC
Fixed component ID
5608TPC00
Applicable component levels
[{"Business Unit":{"code":"BU029","label":"Software"},"Product":{"code":"SSNE44","label":"Tivoli Storage Productivity Center"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"52D"}]
Document Information
Modified date:
24 June 2022