Boletines de Vulnerabilidades

IBM Security Bulletin: ClassLoader manipulation with Apache Struts affecting IBM Records Manager, IBM Content Manager Records Enabler and WebSphere Application Server shipped with IBM Records Manager


Información sobre el sistema
   
Software afectado IBM

Descripción
There is a ClassLoader manipulation vulnerability in Apache Struts that is used by IBM Records Manager and IBM Content Manager Records Enabler. The security vulnerability has also been identified in WebSphere Application Server shipped with IBM Records Manager. CVE(s): CVE-2014-0114 Affected product(s) and affected version(s): Affected Principle Products and Versions Affected Supporting Product and Versions IBM Records Manager Version 8.4 WebSphere Application Server Version 6.1

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_classloader_manipulation_with_apache_struts_affecting_ibm_records_manager_ibm_content_manager_records_enabler_and_websphere_application_server_shipped_with_ibm_records_manage

Identificadores estándar
Propiedad Valor
CVE

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-06-21

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT