IBM Security Bulletin: IBM WebSphere Application Server Liberty Profile vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2016-3092, CVE-2016-5986)

IBM WebSphere Application Server Liberty Profile as embedded in TADDM is potentially vulnerable to a denial of service caused by an error in the Apache Commons FileUpload component. It is also potentially vulnerable to a remote attack where the attacker could obtain sensitive information as a consequence of improperly handled responses under certain circumstances.

CVE(s): CVE-2016-5986, CVE-2016-3092

Affected product(s) and affected version(s):

TADDM 7.3.0.1-7.3.0.3

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2liEuIA
X-Force Database: http://ift.tt/2ccJKps
X-Force Database: http://ift.tt/2bozrA8

The post IBM Security Bulletin: IBM WebSphere Application Server Liberty Profile vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2016-3092, CVE-2016-5986) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2m8eyxK