Flash (Alert)
Abstract
There is a possible security exposure when you use WS-Security, which can result in a user gaining elevated privileges. This issue impacts applications that are using either JAX-WS and JAX-RPC.
Content
This WebSphere Application Server issue affects the following products in the Business Process Management family of products due to the WebSphere Application Server underlying infrastructure:
- IBM Business Process Manager Advanced
- WebSphere Enterprise Service Bus
- WebSphere Process Server
For more information on this WebSphere Application Server issue, see Possible security exposure with WebSphere Application Server with WS-Security enabled applications using LTPA tokens (PM43585/PM43792/PM45181).
| Segment | Product | Component | Platform | Version | Edition |
|---|---|---|---|---|---|
| Business Integration | IBM Business Process Manager Advanced | Not Applicable | AIX, Linux, Linux zSeries, Solaris, Windows, z/OS | 8.0, 7.5.1, 7.5.0.1, 7.5 | |
| Business Integration | WebSphere Process Server | Not Applicable | AIX, HP-UX, i5/OS, Linux, Linux zSeries, Solaris, Windows, z/OS | 7.0.0.5, 7.0.0.4, 7.0.0.3, 7.0.0.2, 7.0.0.1, 7.0, 6.2.0.3, 6.2.0.2, 6.2.0.1, 6.2, 6.1.2.3, 6.1.2.2, 6.1.2.1, 6.1.2, 6.1.0.4, 6.1.0.3, 6.1.0.2, 6.1.0.1, 6.1 |
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.