Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to an attacker uploading arbitrary files and obtaining sensitive information (CVE-2023-45802, CVE-2023-31122)

​IBM HTTP Server (powered by Apache) used by IBM i is vulnerable to an attacker uploading arbitrary files due to improper validation (CVE-2023-45802) and obtaining sensitive information due to an out of bounds read flaw (CVE-2023-31122) as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerabilities as described in the remediation/fixes section. Read More