A fix is available
APAR status
Closed as program error.
Error description
Potential Denial of Service in IBM DataPower Gateway DESCRIPTION Processing of certain invalid HTTP messages can cause a restart (CVE-2020-4579, CVE-2020-4580, CVE-2020-4581)
Local fix
Problem summary
Mitigation for CVE-2020-4579, CVE-2020-4580, and CVE-2020-4581.
Problem conclusion
Fix is available in 2018.4.1.13. For a list of the latest fix packs available, please see: hhttps://www.ibm.com/support/pages/node/83105
Temporary fix
Comments
APAR Information
APAR number
IT33517
Reported component name
DATAPOWER
Reported component ID
DP1234567
Reported release
18X
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-07-29
Closed date
2020-08-21
Last modified date
2020-08-21
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DATAPOWER
Fixed component ID
DP1234567
Applicable component levels
R18X PSY
UP
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateways"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"18X"}]
Document Information
Modified date:
27 September 2021