Security Bulletin: Information disclosure in Liberty for Java for IBM Cloud (CVE-2017-1681, CVE-2013-6440)
  • Liberty for Java
  • Sydney
    Frankfurt
    London
    Washington DC
    Dallas
  • Description
    There is a potential information disclosure vulnerability in WebSphere Application Server. There is an information disclosure due to an XML external entity (XXE) vulnerability when using the OpenSAML features in WebSphere Application Server Liberty.

    A user action is needed to update your instances.

    For more information, see the security bulletin.