IBM Security Bulletin: Vulnerability in IBM® WebSphere™ Application Server and IBM WebSphere Application Server Liberty affects IBM SPSS Analytic Server (CVE-2016-5986)

IBM® WebSphere™ Application Server and IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by the improper handling of responses under certain conditions. An attacker could exploit this vulnerability to gain server identification information.

CVE(s): CVE-2016-5986

Affected product(s) and affected version(s):

IBM SPSS Analytic Server 2.0.0.0
IBM SPSS Analytic Server 2.1.0.0
IBM SPSS Analytic Server 3.0.0.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2jEwM8h
X-Force Database: http://ift.tt/2jf3D6W



from IBM Product Security Incident Response Team http://ift.tt/2jf9B7S