Home Unlabelled IBM Security Bulletin: WebSphere Application Server may have insecure file permissions (CVE-2017-1382)

IBM Security Bulletin: WebSphere Application Server may have insecure file permissions (CVE-2017-1382)

By
Friday, July 21, 2017
Read
Add Comment

WebSphere Application Server may have insecure file permissions after custom startup scripts are run. The custom startup script will not pull the umask from the server.xml. This may cause some log files to have different permissions then expected.

CVE(s): CVE-2017-1382

Affected product(s) and affected version(s):

This vulnerability affects the following versions and releases of IBM WebSphere Application Server:

  • Version 9.0
  • Version 8.5
  • Version 8.0
  • Version 7.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2uik5Gz
X-Force Database: http://ift.tt/2uQ5lBY

The post IBM Security Bulletin: WebSphere Application Server may have insecure file permissions (CVE-2017-1382) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2uhMnRr
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us