IBM Security Bulletin: IBM Tivoli Netcool Configuration Manager, Tivoli Integrated Portal which embeds WebSphere Application Server, is affected by Struts vulnerability (CVE-2014-0114)
Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. Struts 1 is used by IBM WebSphere Application Server (WAS) and thus by Tivoli Integrated Portal (TIP)...
via IBM Product Security Incident Response Team http://ibm.co/1qsh6oY
via IBM Product Security Incident Response Team http://ibm.co/1qsh6oY