Update: WebSphere Application Server (WAS) APAR PK54565 addresses a Lotus Connections specific security vulnerability with the Connections Login Model. WebSphere Application Server customers who are not using Lotus Connections are not impacted
After installing fixpack 22.214.171.124 for WebSphere Application Server, an application may be able to invoke an internal login module in an incorrect fashion.
This only applies to an application internal login, and does not apply to a client login.
* RECOMMENDATION: *
WebSphere Application Server has been modified to properly handle this type of login. IBM strongly urges all Lotus Connections customers to apply the patch immediately to all deployments. Please install 126.96.36.199-WS-WAS-IFPK54565.pak for WebSphere fixpack 188.8.131.52 available at:http://www-933.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Application+Server&release=All&platform=All&function=fixId&fixids=184.108.40.206-WS-WAS-IFPK54565&source=fc
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.