IBM Security Bulletin: IBM Cognos Controller is affected by HTTP response splitting attack in WebSphere Application Server (CVE-2015-2017)

There is a vulnerability in IBM WebSphere Application Server that could allow an HTTP response splitting attack in Channel.



CVE(s): CVE-2015-2017


Affected product(s) and affected version(s):

IBM Cognos Controller 10.2.1



Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/255Hb2u
X-Force Database: http://ift.tt/1NzQBek


from IBM Product Security Incident Response Team http://ift.tt/1ZXeOfP