JR49200: Web UI vulnerabilities could lead to blind SQL injection attacks

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Web console vulnerabilities could lead to blind SQL injection
    attacks
    

Local fix

Problem summary

  • ****************************************************************
    PROBLEM DESCRIPTION:
    Web UI vulnerabilities could lead to blind SQL injection attacks
    CVE-2013-4058
    ****************************************************************
    RECOMMENDATION:
    Refer to the following Security Bulletin for remediation:
    http://www-01.ibm.com/support/docview.wss?uid=swg21666684
    ****************************************************************
    

Problem conclusion

  • The recommended solution is to apply the fix as soon as
    practical.
    

Temporary fix

Comments

APAR Information

  • APAR number

    JR49200

  • Reported component name

    WS INFORM. SRVC

  • Reported component ID

    5724Q3600

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-01-30

  • Closed date

    2014-03-31

  • Last modified date

    2014-03-31

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • Domain
    

Fix information

  • Fixed component name

    WS INFORM. SRVC

  • Fixed component ID

    5724Q3600

Applicable component levels

  • R850 PSY

       UP

  • R870 PSY

       UP

  • R912 PSY

       UP

  • R801 PSN

       UP

  • R810 PSN

       UP

  • R910 PSN

       UP



Rate this page:

(0 users)Average rating

Document information


More support for:

InfoSphere Information Services Director

Software version:

8.5

Reference #:

JR49200

Modified date:

2014-03-31

Translate my page

Machine Translation

Content navigation