IC92007: SECURITY VULNERABILITY: SESSION ID LENGTH LESS THAN 128 BIT Insufficient Session-ID Length (CVE-2013-0539)

Direct link to fix

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Security vulnerability: Session ID Length less than 128 bit
    Insufficient Session-ID Length (CVE-2013-0539)
    

Local fix

Problem summary

  • Users Affected:
    All users.
    Problem Description:
    Jetty session id length is less than 128 bit
    Platforms Affected:
    All platforms.
    

Problem conclusion

  • Resolution Summary:
    Security vulnerability has been resolved.
    
    Delivered In:
    5104_1
    5020401_3
    5010
    5020402
    

Temporary fix

Comments

APAR Information

  • APAR number

    IC92007

  • Reported component name

    STR B2B INTEGRA

  • Reported component ID

    5725D0600

  • Reported release

    510

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-04-30

  • Closed date

    2013-04-30

  • Last modified date

    2013-12-06

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    STR B2B INTEGRA

  • Fixed component ID

    5725D0600

Applicable component levels

  • R510 PSY

       UP



Rate this page:

(0 users)Average rating

Document information


More support for:

Sterling B2B Integrator

Software version:

5.1

Reference #:

IC92007

Modified date:

2013-12-06

Translate my page

Machine Translation

Content navigation