OpenPages GRC Platform 6.2.1.1 Interim Fix 1

Downloadable files


Abstract

An issue has been identified in IBM OpenPages GRC Platform 6.2.1.1 for which an interim fix is now available. It is strongly recommended this fix be installed as soon as possible.

Download Description

This interim fix addresses the Apache Struts 1.x security vulnerability CVE-2014-0114 in IBM OpenPages GRC Platform 6.2.1.1 (i.e. 6.2.1 Fix Pack 1). The ActionForm object in Apache Struts 1.x through 1.3.10 allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, which is passed to the getClass method.

It is strongly recommended this fix be applied to all of your OpenPages GRC Platform 6.2.1.1 environments as soon as possible.

Prerequisites

This interim fix requires that IBM OpenPages GRC Platform 6.2.1 Fix Pack 1 is already installed.

Installation Instructions

1. Download the appropriate release for your server architecture.
2. Copy the downloaded patch to the application server.
3. Extract patch.
4. Follow the installation instructions in the 6.2.1.1.1_OP_Patch_Readme.pdf located in the extracted patch directory.

Download package

Problems solved

Download RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
What is Fix Central (FC)?
OpenPages GRC 6.2.1.1 IF1 for WebSphere 30 May 2014 Language Independent 20000 FC
OpenPages GRC 6.2.1.1 IF1 for WebLogic 30 May 2014 Language Independent 20000 FC

Rate this page:

(0 users)Average rating

Document information


More support for:

OpenPages GRC Platform

Software version:

6.2.1

Operating system(s):

Platform Independent

Software edition:

All Editions

Reference #:

4037655

Modified date:

2014-05-30

Translate my page

Machine Translation

Content navigation