WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) | Status | Note |
---|---|---|---|
IBM Business Automation Workflow traditional | V23.0.1 - V23.0.2 | ||
V22.0.1 - v22.0.2 | |||
V21.0.1 - V21.0.3.1 | |||
V20.0.0.1 - V20.0.0.2 | |||
V19.0.0.1 - V19.0.0.3 | |||
V18.0.0.0 - V18.0.0.2 | Affected | Cumulative Fixes cannot automatically install interim fixes for the base Application Server. It is important to follow the complete installation instructions and manually ensure that recommended security fixes are installed. | |
IBM Business Automation Workflow Enterprise Service Bus | V23.0.1 - V23.0.2 | ||
V22.0.2 | Affected | Cumulative Fixes cannot automatically install interim fixes for the base Application Server. It is important to follow the complete installation instructions and manually ensure that recommended security fixes are installed. |
For earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.
Please consult the Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to server-side request forgery (CVE-2024-22329) for vulnerability details and information about fixes.
None