\n## Summary<\/p>\n
Identity Insight customers are advised to update IBM WebSphere Liberty Profile (WLP) to version 25.0.0.4 for security update in WLP.<\/p>\n
## Vulnerability Details<\/p>\n
Refer to the security bulletin(s) listed in the Remediation\/Fixes section<\/p>\n
## Affected Products and Versions<\/p>\n
Affected Product(s) | Version(s)
—|—
IBM InfoSphere Identity Insight | 9.0.0.1
IBM InfoSphere Identity Insight | 10.0.0.0 <\/p>\n
## Remediation\/Fixes<\/p>\n
The listed vulnerability issues are addressed.<\/p>\n
CVE-ID | Description
—|—
CVE-2025-23184 | IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Apache CXF For details, please refer to https:\/\/www.ibm.com\/support\/pages\/node\/7229079
CVE-2023-50314 | IBM WebSphere Application Server Liberty is vulnerable to information disclosure. The fix is available in WLP 24.0.0.9. Beginning with WLP 24.0.0.9, WebSphere Liberty performs hostname verification on SSL certificates. A new collection of properties can be used to configure or disable the hostname verification behavior. For details, please refer to https:\/\/www.ibm.com\/support\/pages\/node\/7163230
CVE-2024-25026 | IBM WebSphere Application Server Liberty is vulnerable to a denial of service, caused by sending a specially crafted request.
CVE-2024-22354 | IBM WebSphere Application Server Liberty is vulnerable to an XML External Entity (XXE) attack when processing XML data.
CVE-2024-22329 | IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery.
CVE-2023-50312 | IBM WebSphere Application Server Liberty could provide weaker than expected security for outbound TLS connections.
CVE-2023-46158 | IBM WebSphere Application Server Liberty could provide weaker than expected security due to improper resource expiration handling. <\/p>\n
**Steps**<\/p>\n
This section provides instructions on how to update WebSphere Liberty Profile used in InfoSphere Identity Insight (II) to WLP 25.0.0.4.<\/p>\n
1. Download wlp-base-all-25.0.0.4.jar from Fix Central. <\/p>\n
2. Stop Liberty Server
Windows
\\bin\\stopIIServer.bat
Linux\/AIX
\/bin\/stopIIServer <\/p>\n 3. Backup the wlp directory in the by renaming it.
* Find out what version of the current wlp in by viewing \/wlp\/usr\/servers\/iiServer\/logs\/messages.log. The wlp version is shown at the beginning of the file.
* Rename the wlp directory to wlp__< version>_, substitute _< version>_ with the version number of the current wlp.
Windows
move \\wlp \\wlp_
Linux\/AIX
mv \/wlp \/wlp_ <\/p>\n 4. Extract wlp-base-all-25.0.0.4 JAR file into Identity Insight Installation directory ().
java -jar wlp-base-all-25.0.0.4.jar –acceptLicense <\/p>\n 5. Copy Liberty Server configuration files to the newly installed WLP directory.
Windows
xcopy \/S \/I \\wlp_\\usr\\servers\\iiServer \\wlp\\usr\\servers\\iiServer
Linux\/AIX
cp -rp \/wlp_\/usr\/servers\/iiServer \/wlp\/usr\/servers\/iiServer <\/p>\n 6. Remove ‘workarea’ and ‘tranlog’ directories from the newly installed WLP directory.
Windows
rd \/s \/q \\wlp\\usr\\servers\\iiServer\\workarea
rd \/s \/q \\wlp\\usr\\servers\\iiServer\\tranlog
Linux\/AIX
rm -fr \/wlp\/usr\/servers\/iiServer\/workarea
rm -fr \/wlp\/usr\/servers\/iiServer\/tranlog <\/p>\n 7. Configure or disable the hostname verification.
Beginning with WLP 24.0.0.9, Liberty performs hostname verification on SSL certificates. When Liberty is acting as a client connecting to an outbound server (such as pipeline, db2 server, ldap server), the runtime now checks to make sure the hostname value from the server certificate’s Subject Alternative Name (SAN) matches the hostname value used when establishing the connection. A new collection of properties can be used to configure or disable the hostname verification behavior. For details, please refer to https:\/\/www.ibm.com\/support\/pages\/node\/7163230 <\/p>\n
8. Verify the updated WLP is used in Identity Insight.
* Start Libertyy Server
Windows
\\bin\\startIIServer.bat
Linux\/AIX
\/bin\/startIIServer
* Check the WLP version number logged in \/wlp\/usr\/servers\/iiServer\/logs\/messages.log.<\/p>\n## Workarounds and Mitigations<\/p>\n
None<\/p>\n
##\n<\/p><\/div>\n
View Advisory Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"Security Update News Update Information Title Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update Update ID 15C889A91631821917484807E31D550258875BB6FBCAB47AB403089641432860 Type ibm Published…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[9,6,8,35,12,76,13,7,11,5],"class_list":["post-4110","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-ibm","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n
Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=4110\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Security Update News Update Information Title Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update Update ID 15C889A91631821917484807E31D550258875BB6FBCAB47AB403089641432860 Type ibm Published...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=4110\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-13T01:04:45+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4110#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4110\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update\",\"datePublished\":\"2025-05-13T01:04:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4110\"},\"wordCount\":647,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CRITICAL\",\"CVE\",\"CVSS\",\"CVSS-9.8\",\"exploit\",\"ibm\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=4110#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4110\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4110\",\"name\":\"Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-05-13T01:04:45+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4110#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=4110\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=4110#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=4110","og_locale":"en_US","og_type":"article","og_title":"Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update - zero redgem","og_description":"Security Update News Update Information Title Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update Update ID 15C889A91631821917484807E31D550258875BB6FBCAB47AB403089641432860 Type ibm Published...","og_url":"https:\/\/zero.redgem.net\/?p=4110","og_site_name":"zero redgem","article_published_time":"2025-05-13T01:04:45+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=4110#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=4110"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update","datePublished":"2025-05-13T01:04:45+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=4110"},"wordCount":647,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CRITICAL","CVE","CVSS","CVSS-9.8","exploit","ibm","news","Security","tapic","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=4110#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=4110","url":"https:\/\/zero.redgem.net\/?p=4110","name":"Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-05-13T01:04:45+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=4110#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=4110"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=4110#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/4110","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4110"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/4110\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4110"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4110"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4110"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}