Security Bulletin: IBM Operations Analytics Predictive Insights is vulnerable to multiple vulnerabilities due to the use of IBM SDK, Java Technology Edition.

Workarounds and Mitigations

Installation Instructions – Workaround A
-------------------------------------------------------
As the user that installed the Predictive Insights UI component, e.g. scadmin

1. Download the latest 1.3.6 iFix from FixCentral and apply an upgrade of the UI component only, so that the UI becomes a 1.3.6 UI.
2. Continue with workaround B

Remove Update Instructions – Workaround A
--------------------------------------------------------------
As the user that installed the Predictive Insights UI component, e.g. scadmin
1. rollback the iFix that was applied, by executing './patch_PI_UI_136_iFix3.sh -rollback'. 

Installation Instructions – Workaround B
-------------------------------------------------------

To benefit from latest fixes and 3rd party libraries upgrade to latest 1.3.6 iFix

As the user that installed the Predictive Insights UI component, e.g. scadmin
1. Download ibm-java-sdk-8.0-7.0-linux-x86_64.tgz(157.53 MB) file from Fix Central - IBM SDK, Java(TM) Technology Edition, Version 8.0.7.0 for Linux 64-bit on Intel/ AMD, packaged as ibm-java-sdk-8.0-.7.0-linux-x86_64.tgz for WebSphere Liberty using archives. 
2. As the user that installed the Predictive Insights UI, stop the UI server used by IBM Operations Analytics Predictive Insights
<UI_HOME>/bin/pi.sh -stop
where UI_HOME is typically /opt/IBM/scanalytics/UI
3. cd <UI_HOME>
4. Rename JAVA SDK installation folder
mv ibm-java-x86_64-80 ibm-java-x86_64-80_orig
5. As the root user, or a user with sudo access, copy ibm-java-sdk-8.0-7.0-linux-x86_64.tgz into the <UI_HOME> folder. Then, if necessary, change the ownership of the new ibm-java-sdk-8.0-7.0-linux-x86_64.tgz SDK file.
e.g. chown scadmin:scadmin /opt/IBM/scanalytics/UI/ibm-java-sdk-8.0-7.0-linux-x86_64.tgz
6. Uncompress and untar the file. E.g. tar -xzvf ibm-java-sdk-8.0-7.0-linux-x86_64.tgz
This will create a new ibm-java-x86_64-80 in <UI_HOME>
7. As the user that installed the Predictive Insights UI, start the UI server
<UI_HOME>/bin/pi.sh -start

Remove Update Instructions – Workaround B
--------------------------------------------------------------
As the user that installed the Predictive Insights UI component, e.g. scadmin
1. As the user that installed the Predictive Insights UI, stop the UI server used by IBM Operations Analytics Predictive Insights
<UI_HOME>/bin/pi.sh -stop
2. As the root user, or a user with sudo access, run the ibm-java-x86_64-sdk-8.0-6.26.bin and follow the prompts to uninstall the Java that was installed to <UI_HOME>
3. As the user that installed the Predictive Insights UI, replace the JAVA SDK installation folder with the original
mv ibm-java-x86_64-80_orig ibm-java-x86_64-80
4. As the user that installed the Predictive Insights UI, start UI server
<UI_HOME>/bin/pi.sh -start