IBM Security Bulletin: A security vulnerability in IBM WebSphere Application Server affects IBM Security Access Manager for Web (CVE-2015-2017)
IBM Security Access Manager for Web is affected by a HTTP response splitting vulnerability in IBM WebSphere Application Server.
CVE(s): CVE-2015-2017
Affected product(s) and affected version(s):
IBM Security Access Manager for Web 8.0, all firmware versions
IBM Security Access Manager for Web 9.0, all firmware versions
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/23T5CKE
X-Force Database: http://ift.tt/1NzQBek
from IBM Product Security Incident Response Team http://ift.tt/23T5CdC