IBM Security Bulletin: A security vulnerability has been identified in WebSphere Application Server used by IBM PureApplication System (CVE-2017-12613)

The Apache Portable Runtime (APR) could allow a remote attacker to obtain sensitive information or cause a denial of service. IBM WebSphere Application Server is shipped as a component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

CVE(s): CVE-2017-12613

Affected product(s) and affected version(s):

IBM PureApplication System V2.1.0.0
IBM PureApplication System V2.1.0.1
IBM PureApplication System V2.1.0.2
IBM PureApplication System V2.1.1.0
IBM PureApplication System V2.1.2.0
IBM PureApplication System V2.1.2.1
IBM PureApplication System V2.1.2.2
IBM PureApplication System V2.1.2.3
IBM PureApplication System V2.1.2.4
IBM PureApplication System V2.2.0.0
IBM PureApplication System V2.2.2.1
IBM PureApplication System V2.2.2.2
IBM PureApplication System V2.2.3.0
IBM PureApplication System V2.2.3.1
IBM PureApplication System V2.2.3.2
IBM PureApplication System V2.2.4.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22016416
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134049

The post IBM Security Bulletin: A security vulnerability has been identified in WebSphere Application Server used by IBM PureApplication System (CVE-2017-12613) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2LROP9R