IBM Security Bulletin: Information disclosure in WebSphere Application Server Liberty (CVE-2016-2923)

There is an information disclosure vulnerability in IBM WebSphere Application Server Liberty for any users of the JAX-RS API.

CVE(s): CVE-2016-2923

Affected product(s) and affected version(s):

This vulnerability affects the following versions and releases of IBM WebSphere Application Server Liberty for any user of the JAX-RS API

  • Version 8.5.5 Liberty
  • Version 8.5 Liberty

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2975owU
X-Force Database: http://ift.tt/28XWbJc



from IBM Product Security Incident Response Team http://ift.tt/2974LUt