Skip to main content


Fix Available: Possible risk when using Web based applications on WebSphere Application Server

 Flash (Alert)
 
Abstract
IBM WebSphere Portal, Lotus Workplace Web Content Management, Lotus Quickr services for WebSphere Portal, Lotus Expeditor Server, Lotus Forms, Lotus Connections, Lotus Sametime Advanced and Gateway and Workplace Collaborative Learning might be affected by this security exposure. Web applications created with WebSphere Portlet Factory, WebSphere Dashboard Framework, Lotus ActiveInsight, Lotus Mashups, and Lotus Workforce Management builders might also be affected.
 
Content
Administrators are advised to follow the WebSphere Application Server support team recommendations and protect their environments.
Affected versions of the Application Server include:
IBM WebSphere Application Server versions 5.1 through 5.1.1.19, 6.0 through 6.0.2.33, 6.1 through 6.1.0.22, and 7.0 through 7.0.0.1 (V7.0.0.2 does not exist).

This problem does not occur on versions 6.0.2.35 (6.0.2.34 for WebSphere Application Server for z/OS) or later, 6.1.0.23 or later, and 7.0.0.3 or later.

For more information, refer to the Flash technote from WebSphere Application Server support entitled "Potential risk when using Web based applications on WebSphere Application Server (PK81387)" (#1376806).

Be sure to check with the WebSphere Application Server support page for or additional details and information on important product updates:
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Enterprise Content ManagementLotus Web Content ManagementPortal IntegrationAIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS6.1Java edition
Enterprise Content ManagementWorkplace Web Content ManagementPortal IntegrationAIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS6.0Java edition
Organizational Productivity- Portals & CollaborationLotus Quickr Linux, Windows8.1, 8.0
Organizational Productivity- Portals & CollaborationWebSphere Portal End of Support ProductsWebSphere Application Server IntegrationAIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS5.1
Organizational Productivity- Portals & CollaborationLotus ActiveInsight
Organizational Productivity- Portals & CollaborationLotus Workforce Management
Organizational Productivity- Portals & CollaborationWebSphere Dashboard Framework
Organizational Productivity- Portals & CollaborationWebSphere Portlet Factory
Software DevelopmentLotus Mashups
Organizational Productivity- Portals & CollaborationLotus Forms
Organizational Productivity- Portals & CollaborationLotus Connections 2.0.1, 2.0
Organizational Productivity- Portals & CollaborationLotus SametimeSametime Advanced8.0
Organizational Productivity- Portals & CollaborationLotus SametimeSametime Gateway8.0
Organizational Productivity- Portals & CollaborationWorkplace Collaborative Learning 2.7
 
 

Copyright and trademark information

IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.

Rate this page

Please take a moment to complete this form to help us better serve you.

This material provides me with the information I need.






This material is clear and easy to understand.






Did the information help you to achieve your goal?

What updates, improvements, or related information would you like to see in this document?

Your response will be used to improve our document content. Requests for assistance, if applicable, should be submitted through your normal support channel as we cannot respond from this site.

Input the verification number to submit feedback:


Close [x]

Maintenance Window

  • The IBM Technical support pages, including the Downloads and Drivers Finders will be temporarily unavailable for up to 2 hours due to planned maintenance. This will take place between Saturday December 5, 2009 9:00 PM ET and Sunday, December 6, 2009 4:30 AM ET. During the maintenance, you will not be able to search or download from these pages.

Close [x]

Unscheduled Maintenance Window

There is no unscheduled maintenance scheduled at this time.

Document information

Product categories:

Software

Organizational Productivity, Portals & Collaboration

Portals

WebSphere Portlet Factory

Operating system(s):

AIX, HP-UX, Linux, Solaris, Windows, i5/OS, z/OS

Software version:

6.0, 6.1

Software edition:

Enable, Express, Extend, Server

Reference #:

1378242

IBM Group:

Software Group

Modified date:

2009-04-06

Translate my page

Rate this page

Availability Notices