IBM Support

PH07036: Potential vulnerability in WebSphere Application Server (CVE-2018-1902)

Download


Downloadable File

File link File size File description

Abstract

Potential spoofing vulnerability in WebSphere Application Server (CVE-2018-1902)

Download Description

PH07036 resolves the following problem:

ERROR DESCRIPTION:
Potential spoofing vulnerability in WebSphere Application Server (CVE-2018-1902)

PROBLEM SUMMARY:
Potential spoofing vulnerability in WebSphere Application Server (CVE-2018-1902)

PROBLEM CONCLUSION:
The vulnerability has been fixed. The fix for this APAR is currently targeted for inclusion in fix packs 8.5.5.16, 9.0.0.11, and Liberty 19.0.0.3.
Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Superseded Note:
These interim fixes for PH07036 have been superseded by the interim fixes for
'PH06340: Potential denial of service vulnerability in WebSphere Application Server (CVE-2019-4046)'.
If you have previously installed one of these interim fixes for PH07036, you must install the fix for PH06340.
It is not required to remove PH07036 first.

Prerequisites

None

Installation Instructions

Please review the readme.txt for detailed installation instructions.

URL SIZE(Bytes)
V90 Readme 2615
V85 Readme 2682
V80 Readme 2636
V70 Readme 5327
19.0.0.1 Readme 2623
18.0.0.4/18.0.0.3 Readme 2660
19.0.0.2 Archive Readme 2148
19.0.0.1 Archive Readme 2186
18.0.0.4 Archive Readme 2186
18.0.0.3 Archive Readme 2186

Download Package

For 19.0.0.2 (non-archive), the PH06340 interim fix (which includes the resolution for this issue) should be applied.
 

DOWNLOAD RELEASE DATE SIZE(Bytes)

DOWNLOAD Options

What is Fix Central(FC)?

9.0.0.9-WS-WAS-IFPH07036 03-06-2019 327951 FC
8.5.5.15-WS-WAS-IFPH07036 03-06-2019 327036 FC
8.5.5.14-WS-WAS-IFPH07036 03-06-2019 327039 FC
8.5.5.13-WS-WAS-IFPH07036 03-06-2019 327049 FC
8.0.0.15-WS-WAS-IFPH07036 03-06-2019 325592 FC
7.0.0.45-WS-WAS-MultiOS-IFPH07036 03-06-2019 74907 FC
19002-wlp-archive-IFPH07036 03-08-2019 2116352 FC
19001-wlp-archive-IFPH07036 03-06-2019 2115880 FC
18004-wlp-archive-IFPH07036 03-06-2019 2096935 FC
18003-wlp-archive-IFPH07036 03-06-2019 2076871 FC
19.0.0.1-WS-WLP-IFPH07036 03-06-2019 2188238 FC
18.0.0.4-WS-WLP-IFPH07036 03-06-2019 2169113 FC
18.0.0.3-WS-WLP-IFPH07036 03-06-2019 2150792 FC

Problems Solved

PH07036

On

Technical Support

Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the support web site, or contact 1-800-IBM-SERV (U.S. only).

Document Location

Worldwide

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF017","label":"Mac OS"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"18.0.0.3;18.0.0.4;19.0.0.1;19.0.0.2;7.0.0.45;8.0.0.15;8.5.5.13;8.5.5.14;8.5.5.15;9.0.0.9;9.0.0.10","Edition":"Base","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
12 April 2019

UID

ibm10874978