APAR status
Closed as program error.
Error description
IBM WebSphere Application Server Liberty is vulnerable to Identity Spoofing and to HTTP header injection
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: * * IBM Storage Insights users * **************************************************************** * PROBLEM DESCRIPTION: * * SECURITY APAR FOR * * CVE-2022-22476, CVE-2022-34165 * **************************************************************** * RECOMMENDATION: * ****************************************************************
Problem conclusion
The fix for this APAR is included in the following release: IBM Storage Insights 4Q22 [ 54X-IBM-SI ] ( release deployment 4Q 2022 / December )
Temporary fix
Comments
APAR Information
APAR number
IT42434
Reported component name
STORAGE INSIGHT
Reported component ID
5608TPCSI
Reported release
544
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-11-10
Closed date
2022-12-16
Last modified date
2022-12-16
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TPC
Fixed component ID
5608TPC00
Applicable component levels
[{"Business Unit":{"code":"BU029","label":"Software"},"Product":{"code":"SSNE44","label":"Tivoli Storage Productivity Center"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"544"}]
Document Information
Modified date:
16 December 2022