IBM7147B72B0537A00393FB808533C114E94C4EC044FE8F06504C604464F1FBA696

HistoryMar 31, 2022 - 2:52 a.m.

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721)

2022-03-3102:52:28

www.ibm.com

ibm security access manager

ibm websphere application server

ibm http server

cve-2022-22719

cve-2022-22720

cve-2022-22721

EPSS

0.314

Percentile

97.0%

JSON

Summary

IBM Security Access Manager for Enterprise Single Sign-On includes IBM WebSphere Application Server. IBM WebSphere Application Server in turn uses IBM HTTP Server. Information about vulnerabilities in IBM HTTP Server affecting IBM WebSphere Application Server has been published in a security bulletin (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721).

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Security Access Manager for Enterprise Single-Sign On	8.2.0, 8.2.1, 8.2.2

Remediation/Fixes

IBM strongly encourages customers to update their systems rapidly.

Principal Product and Version(s)	Affected Supporting Product and Version	Affected Supporting Product Security Bulletin
IBM Security Access Manager for Enterprise Single Sign-On 8.2.0	IBM WebSphere Application Server 7.0	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721)
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1	IBM WebSphere Application Server 7.0, 8.5	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721)
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2	IBM WebSphere Application Server 8.5	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721)

Workarounds and Mitigations

None

EPSS

0.314

Percentile

97.0%

JSON

Related for 7147B72B0537A00393FB808533C114E94C4EC044FE8F06504C604464F1FBA696