IBM Support

PH11319:Cross-site scripting vulnerability in WebSphere Application Server Admin Console CVE-2019-4270

Download


Downloadable File

Abstract

Cross-site scripting vulnerability in WebSphere Application Server Admin Console (CVE-2019-4270)

Download Description

PH11319 resolves the following problem:
ERROR DESCRIPTION:
Cross-site scripting vulnerability in WebSphere Application Server Admin Console (CVE-2019-4270).
PROBLEM SUMMARY:
Cross-site scripting vulnerability in WebSphere Application Server Admin Console (CVE-2019-4270).
PROBLEM CONCLUSION:
Cross-site scripting vulnerability in WebSphere Application Server Admin Console (CVE-2019-4270).
The fix for this APAR is currently targeted for inclusion in fix pack 8.5.5.17 and 9.0.5.1.  Please refer to the Recommended Updates page for delivery information: 
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

Please download the UpdateInstaller below to install this fix.

URL SIZE(Bytes)
UpdateInstaller 7250000

Installation Instructions

Please review the readme.txt for detailed installation instructions.

URL SIZE(Bytes)
V70 Readme 5003
V80 Readme 2310
V85 Readme 2384
V90 Readme 2297

Download Package

DOWNLOAD RELEASE DATE SIZE(Bytes)

DOWNLOAD Options

What is Fix Central(FC)?

7.0.0.45-WS-WAS-IFPH11319 09-11-2019 80421 FC
7.0.0.45-WS-WASEmbeded-IFPH11319 09-11-2019 47080 FC
8.0.0.15-WS-WASProd-IFPH11319 09-11-2019 329769 FC
8.0.0.15-WS-WASEmbeded-IFPH11319 09-11-2019 297145 FC
8.5.5.13-WS-WASProd-IFPH11319 09-11-2019 329279 FC
8.5.5.14-WS-WASProd-IFPH11319 09-11-2019 329222 FC
8.5.5.15-WS-WASProd-IFPH11319 09-11-2019 329195 FC
8.5.5.16-WS-WASProd-IFPH11319 09-11-2019 330128 FC
9.0.0.8-WS-WASProd-IFPH11319 09-11-2019 330531 FC
9.0.0.10-WS-WASProd-IFPH11319 09-11-2019 328838 FC
9.0.0.11-WS-WASProd-IFPH11319 09-11-2019 329596 FC
9.0.5.0-WS-WASProd-IFPH11319 09-11-2019 329815 FC

Problems Solved

PH11319

On

Technical Support

Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the support web site, or contact 1-800-IBM-SERV (U.S. only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU004","label":"Hybrid Cloud"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z/OS"}],"Version":"7.0.0.45;8.0.0.15;8.5.5.13;8.5.5.14;8.5.5.15;8.5.5.16;9.0.0.10;9.0.0.11;9.0.0.8;9.0.0.9;9.0.5.0","Edition":"Advanced,Base,Developer,Enterprise,Express,Network Deployment,Single Server"}]

Document Information

Modified date:
16 September 2019

UID

ibm11073552