Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server affecting IBM Tivoli Storage Manager FastBack Reporting (CVE-2016-5983)

Summary

IBM Tivoli Storage Manager FastBack Reporting requires the dependent product IBM WebSphere Application Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin Security Bulletin: Code execution vulnerability in WebSphere Application Server (CVE-2016-5983). for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Tivoli Storage Manager Fastback 6.1.0 through 6.1.12.1| IBM WebSphere Application Server 8.5.0.1 Full Profile
IBM Tivoli Storage Manager Fastback 6.1.12.2 through 6.1.12.4| IBM WebSphere Application Server 8.5.5.4 Full Profile
Note : WAS needs 8.5.5.8 as the minimal level for fixing the vulnerability, Please upgrade to WAS 8.5.5.8 to apply the fix.

Workarounds and Mitigations

None