IBM WebSphere Application Server is shipped as a component of Tivoli Workload Scheduler. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.
Please consult the security bulletin <http://www-01.ibm.com/support/docview.wss?uid=swg21987864> for vulnerability details and information about fixes
IBM Workload Scheduler is potentially impacted by the listed vulnerability since it potentially affects secure communications between eWAS and subcomponents.
The affected version is:
Tivoli Workload Scheduler Distributed 8.6.0
Tivoli Dynamic Workload Console 8.6.0
Tivoli Workload Scheduler z/OS Connector 8.6.0
IBM has provided patches for all embedded WebSphere versions.
Follow the instructions in the link below to install the fixes for eWAS 7.0.0.39 that is embedded in TWS 8.6 fixpack 04 :
<http://www-01.ibm.com/support/docview.wss?uid=swg21987864>
For TWS 8.6 version, the fixes can be applied only on top of TWS 8.6 fixpack 04.
For_ unsupported versions, releases or platforms__ IBM recommends upgrading to a fixed, supported version/release/platform of the product._
none