Download
Downloadable File
File link | File size | File description |
---|---|---|
Abstract
IBM HTTP Server is vulnerable to multiple vulnerabilities due to the included Apache HTTP Server and Apache Portable Runtime (CVE-2022-28331 CVSS 9.8 and more)
Download Description
IBM HTTP Server is vulnerable to multiple vulnerabilities due to the included Apache HTTP Server and Apache Portable Runtime (CVE-2022-28331 CVSS 9.8 and more)
- CVE-2022-36760
- CVE-2006-20001
- CVE-2022-37436
- CVE-2022-25147
- CVE-2022-28331
The fix for this APAR is currently targeted for inclusion
in fix packs 8.5.5.24 and 9.0.5.15
For more information, see Recommended Updates for WebSphere Application Server:å
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
This fix supersedes (includes) the fix for PH50316 as well as PH49572,PH47792,PH46897,PH48168
![](/support/pages/system/files/support/swg/swgdnld.nsf/0/e2a015e4a866ba248525811c006a745f/Content/0.84.gif)
The interim fix for this APAR has been superseded by a later interim fix. Download and install the interim fix for PH53014 to resolve this APAR.
- CVE-2022-36760
- Configurations are vulnerable if mod_proxy_ajp is loaded.
- This module is not provided with IHS 9.0
- Configurations are vulnerable if mod_proxy_ajp is loaded.
- CVE-2006-20001
- Configurations that load mod_dav may be vulnerable
- CVE-2022-37436
- Configurations that load mod_proxy_http may be vulnerable.
- CVE-2022-25147
- Configurations without third-party modules or Lua scripts are affected but not vulnerable
- Configurations with third-party modules or Lua scripts may be vulnerable.
- Configurations without third-party modules or Lua scripts are affected but not vulnerable
- CVE-2022-28331
- Windows systems are affected and vulnerable.
- Other operating systems are neither affected nor vulnerable.
- Windows systems are affected and vulnerable.
![](/support/pages/system/files/support/swg/swgdnld.nsf/0/e2a015e4a866ba248525811c006a745f/Content/0.84.gif)
The interim fix for this APAR has been superseded by a later interim fix. Download and install the interim fix for PH53014 to resolve this APAR.
Prerequisites
Installation Instructions
Review the readme.txt for detailed installation instructions.
URL | SIZE(Bytes) |
---|---|
V90 IM readme file | 2210 |
V85 IM readme file | 2157 |
V90 archive readme file | 1528 |
Download Package
![](/support/pages/system/files/support/swg/swgdnld.nsf/0/e2a015e4a866ba248525811c006a745f/Content/0.84.gif)
The interim fix for this APAR has been superseded by a later interim fix. Download and install the interim fix for PH53014 to resolve this APAR.
Problems Solved
PH51982, PH49572, PH50316
Change History
- February 27: Add links to IFPH52754 for 8.5.5
Technical Support
Contact IBM Support at https://www.ibm.com/mysupport/ or 1-800-IBM-SERV (US only).
Document Location
Worldwide
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
15 March 2023
UID
ibm16955257