IBM Support

Security Bulletins for WebSphere Application Server



This security bulletin for WebSphere Application Server is a way for you to obtain security risk assessment information for APARs that are considered Security Integrity. If there is any potential risk of exposure, the APAR will be marked as Security Integrity. Some APARs are marked as Security Integrity that are low risk and do not impact every client. The intention is to provide enough risk assessment information to allow you to assess if a particular APAR will impact your organization.

Each Security Integrity APAR will be listed by leveraging the IBM Xforce vulnerability reporting system. Each APAR is carefully researched and properly analyzed by WebSphere development and an IBM X-Force research team of security experts to properly rate and assess the risk of the vulnerability. The IBM X-Force team uses the industry standard Common Vulnerability Scoring System (CVSS) process for rating.

You can use this information in order to assess if a particular Security Integrity APAR applies to your environment.


If you subscribe to My Notifications you will be notified every time a new Security bulletin is published for WebSphere Application Server. You can also refer to the Recommended fixes for WebSphere Application Server document Fix List for links to security bulletins.

Get Notified about Future Security Bulletins

Subscribe to My Notifications to be notified of important product support alerts like this.

Important note: IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the System z Security web site. Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.

Document information

More support for: WebSphere Application Server

Software version: 5.1, 6.0, 6.1, 7.0, 8.0, 8.5, 8.5.5

Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows, z/OS

Reference #: 1368398

Modified date: 08 February 2009

Translate this page: