An IBM WebSphere Application Server Vulnerability has been addressed.


On July 8, 2022, The National Vulnerability Database published that IBM WebSphere Application Server Liberty through and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. It was given a score of 8.8 (High).

See IBM X-Force ID: 225604

On July 27 IBM published the following recommendations and fixes:

For IBM WebSphere Application Server Liberty – using the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature(s):
· Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix PH47867
· Apply Liberty Fix Pack or later (targeted availability 3Q2022).