IBM1074602D6266E73D5E3973727FB98A0D77D11E3223778950D11627C3D6D055E9

HistoryOct 01, 2021 - 2:49 a.m.

Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2021-39275)

2021-10-0102:49:10

www.ibm.com

0.006 Low

EPSS

Percentile

79.5%

JSON

Summary

IBM WebSphere Application Server is shipped with IBM Security Access Manager for Enterprise Single Sign-On. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

8.2.0, 8.2.1, 8.2.2

Remediation/Fixes

Principal Product and Version(s)	Affected Supporting Product and Version	Affected Supporting Product Security Bulletin
IBM Security Access Manager for Enterprise Single Sign-On 8.2.0	IBM WebSphere Application Server 7.0	Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1	IBM WebSphere Application Server 7.0, 8.5	Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2	IBM WebSphere Application Server 8.5	Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security access manager for enterprise single sign-oneq8.2.0
ibm security access manager for enterprise single sign-oneq8.2.1
ibm security access manager for enterprise single sign-oneq8.2.2

Name	Operator	Version
ibm security access manager for enterprise single sign-on	eq	8.2.0
ibm security access manager for enterprise single sign-on	eq	8.2.1
ibm security access manager for enterprise single sign-on	eq	8.2.2