Security Bulletin: Potential security vulnerability in IBM WebSphere Application Server for Bluemix if FIPS 140-2 is enabled (CVE-2016-0306) and multiple vulnerabilities in Samba – including Badlock (CVE-2016-2118)
  • WebSphere Application Server
  • Sydney
    United Kingdom
    US South
  • Description
    There is a potential security vulnerability in IBM WebSphere Application Server if FIPS 140-2 is enabled. Samba vulnerabilities were disclosed on April 12, 2016. IBM WebSphere Application Server for Bluemix has addressed the applicable CVEs including the vulnerability commonly referred to as “Badlock”.

    A user action is needed to update your instances.

    For more information, see the security bulletin.