Security bulletins

WebSphere Commerce releases security bulletins for APARs that address issues that are considered to be security vulnerabilities. These bulletins provide security risk assessment information to help you assess if a particular issue might impact our organization.

WebSphere Commerce lists each vulnerability in the IBM ISS X-Force vulnerability reporting system. Before each bulletin is published, the vulnerability is carefully researched and analyzed by the product development organization and an X-Force research team of security experts to rate and assess the risk. The X-Force team uses the industry-standard Common Vulnerability Scoring System (CVSS) to produce the rating.

To avoid preventable security issues, IBM recommends that you stay up to date on the most current maintenance options for our products. We can also subscribe to the security bulletins for each of your products as provided in this link, IBM Security Bulletins.

• Subscribe to WebSphere Commerce security bulletins.

• View all published security bulletins.

• Learn more about the IBM Product Security Incident Response Team (PSIRT).