Security Bulletin: SSL certificate validation disabled through a vulnerability in the Auto-Scaling for Bluemix service agent (CVE-2016-0323)
  • Auto-Scaling
  • Sydney
    United Kingdom
    US South
  • Description
    Liberty for Java applications bound to the Auto-Scaling for Bluemix service have SSL certificate validation disabled through a vulnerability in the agent for the service. The default SSL connection factory for HTTPS requests is set to bypass all trust management in this vulnerability.

    User action is needed to restage your applications.

    See the link at the end of this notification for details.