WebSphere Application Server Traditional is shipped as a component of IBM Business Automation Workflow. WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server (since 8.5.6), and User Management Service (since 18.0.0.1) in IBM Business Automation Workflow. Information about security vulnerabilities in IBM HTTP Server affecting IBM WebSphere Application Server Traditional and IBM WebSphere Application Server Liberty have been published.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) | Status |
---|---|---|
IBM Business Automation Workflow traditional | V23.0.1 - V23.0.2 | |
V22.0.1 - V22.0.2 | ||
V21.0.1 - V21.0.3.1 | ||
V20.0.0.1 - V20.0.0.2 | ||
V19.0.0.1 - V19.0.0.3 | ||
V18.0.0.0 - V18.0.0.1 | affected | |
IBM Business Automation Workflow traditional Enterprise Service Bus | V23.0.1 - V23.0.2 | |
V22.0.2 | affected |
Please consult the Security Bulletin: IBM HTTP Server is vulnerable to HTTP response splitting due to the included Apache HTTP Server (CVE-2024-24795, CVE-2023-38709) for vulnerability details and information about fixes.
None