IBM Support

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed WebSphere Application Server is vulnerable to an information disclosure (CVE-2022-22473)

Security Bulletin


Summary

The security issue described in CVE-2022-22473 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)Version(s)
Tivoli Composite Application Manager for Application Diagnostics7.1.0.4

Remediation/Fixes

Follow the WebSphere security bulletin, https://www.ibm.com/support/pages/node/6603421 to update WebSphere Application Servers. 

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

References

Off

Change History

09 Aug 2022: Initial Publication

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

Document Location

Worldwide

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSDTFJ","label":"Tivoli Composite Application Manager for Application Diagnostics"},"Component":"","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"},{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF027","label":"Solaris"}],"Version":"7.1.0.4","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
27 September 2022

UID

ibm16824169