IBM Support

PH01621:Potential cross-site scripting vulnerability in WebSphere Application Server Admin Console (CVE-2018-1777)

Download


Abstract

Confidential for Security Integrity ifix CVE-2018-1777

Download Description

PH01621 resolves the following problem:

ERROR DESCRIPTION:
Potential cross-site scripting vulnerability in WebSphere Application Server Admin Console (CVE-2018-1777)

PROBLEM SUMMARY:
Potential cross-site scripting vulnerability in WebSphere Application Server Admin Console (CVE-2018-1777)

PROBLEM CONCLUSION:
Confidential for Security Integrity ifix CVE-2018-1777.

THE FOLLOWING FIXES ARE PROVIDED:
7.0.0.45-WS-WAS-IFPH01621.pak applies to WebSphere Application Server fix pack 7.0.0.45.
7.0.0.45-WS-WASEmbeded-IFPH01621.pak applies to Embedded WebSphere Application Server fix pack 7.0.0.45.
8.0.0.15-WS-WASProd-IFPH01621.zip applies to WebSphere Application Server fix pack 8.0.0.15.
8.0.0.15-WS-WASEmbeded-IFPH01621.zip applies to Embedded WebSphere Application Server fix pack 8.0.0.15.
8.5.5.13-WS-WAS-IFPH01621.zip applies to WebSphere Application Server fix packs 8.5.5.13 through 8.5.5.14.
9.0.0.8-WS-WAS-IFPH01621.zip applies to WebSphere Application Server fix packs 9.0.0.8 through 9.0.0.9.

The fix for this APAR is currently targeted for inclusion in fix packs 8.5.5.15 and 9.0.0.10. Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

None

Installation Instructions

Please review the readme.txt for detailed installation instructions.

URL SIZE(Bytes)
V90 Readme 2168
V85 Readme 2260
V80 Readme 2192
V70 Readme 4883

 

Download Package

 

DOWNLOAD RELEASE DATE SIZE(Bytes)

DOWNLOAD Options

What is Fix Central(FC)?

9.0.0.8-WS-WAS-IFPH01621 10-11-2018 287946 FC
8.5.5.13-WS-WAS-IFPH01621 10-11-2018 288022 FC
8.0.0.15-WS-WASEmbeded-IFPH01621 10-11-2018 277116 FC
8.0.0.15-WS-WASProd-IFPH01621 10-11-2018 282430 FC
7.0.0.45-WS-WAS-IFPH01621 10-11-2018 36473 FC
7.0.0.45-WS-WASEmbeded-IFPH01621 10-11-2018 30169 FC

 

Problems Solved

PH01621

On

Technical Support

Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the support web site, or contact 1-800-IBM-SERV (U.S. only).

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF013","label":"Inspur K-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"7.0.0.45;8.0.0.15;8.5.5.13;8.5.5.14;9.0.0.8;9.0.0.9","Edition":"Advanced,Base,Developer,Enterprise,Express,Network Deployment,Single Server","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
12 October 2018

UID

ibm10735087