IBM Support

PH07036: Potential vulnerability in WebSphere Application Server (CVE-2018-1902)

Download


Abstract

Potential spoofing vulnerability in WebSphere Application Server (CVE-2018-1902)

Download Description

PH07036 resolves the following problem:

ERROR DESCRIPTION:
Potential spoofing vulnerability in WebSphere Application Server (CVE-2018-1902)

PROBLEM SUMMARY:
Potential spoofing vulnerability in WebSphere Application Server (CVE-2018-1902)

PROBLEM CONCLUSION:
The vulnerability has been fixed. The fix for this APAR is currently targeted for inclusion in fix packs 8.5.5.16, 9.0.0.11, and Liberty 19.0.0.3.
Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

None

Installation Instructions

Please review the readme.txt for detailed installation instructions.


Download Package

For 19.0.0.2 (non-archive), the PH06340 interim fix (which includes the resolution for this issue) should be applied.
 

DOWNLOAD RELEASE DATE SIZE(Bytes)

DOWNLOAD Options

What is Fix Central(FC)?

9.0.0.9-WS-WAS-IFPH07036 03-06-2019 327951 FC
8.5.5.15-WS-WAS-IFPH07036 03-06-2019 327036 FC
8.5.5.14-WS-WAS-IFPH07036 03-06-2019 327039 FC
8.5.5.13-WS-WAS-IFPH07036 03-06-2019 327049 FC
8.0.0.15-WS-WAS-IFPH07036 03-06-2019 325592 FC
7.0.0.45-WS-WAS-MultiOS-IFPH07036 03-06-2019 74907 FC
19002-wlp-archive-IFPH07036 03-08-2019 2116352 FC
19001-wlp-archive-IFPH07036 03-06-2019 2115880 FC
18004-wlp-archive-IFPH07036 03-06-2019 2096935 FC
18003-wlp-archive-IFPH07036 03-06-2019 2076871 FC
19.0.0.1-WS-WLP-IFPH07036 03-06-2019 2188238 FC
18.0.0.4-WS-WLP-IFPH07036 03-06-2019 2169113 FC
18.0.0.3-WS-WLP-IFPH07036 03-06-2019 2150792 FC

Problems Solved

PH07036

Technical Support

Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the support web site, or contact 1-800-IBM-SERV (U.S. only).

Problems (APARS) fixed
PH07036

Document information

More support for: WebSphere Application Server

Component: General

Software version: 7.0.0.45, 8.0.0.15, 8.5.5.13, 8.5.5.14, 8.5.5.15, 9.0.0.9, 9.0.0.10, 18.0.0.3, 18.0.0.4, 19.0.0.1, 19.0.0.2

Operating system(s): AIX, HP-UX, IBM i, Linux, Mac OS, Solaris, Windows, z/OS

Software edition: Base

Reference #: 0874978

Modified date: 22 March 2019