Security Bulletin: Information Disclosure in WebSphere Application Server Admin Console shipped with IBM® Intelligent Operations Center (CVE-2019-4670)

Summary

IBM WebSphere Application Server is shipped with IBM Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletins(s) listed in the Remediation/Fixes section

Affected Products and Versions

IBM® Intelligent Operations Center V1.5.0, V1.5.0.1, V1.5.0.2, V1.6.0, V1.6.0.1, V1.6.0.2, V1.6.0.3

| IBM WebSphere Application Server V7.0, V8.0, V8.5, V9.0
IBM® Intelligent Operations Center for Emergency Management V1.6,|

Remediation/Fixes

Download the correct version of the fix from the following link: Security Bulletin: Information Disclosure in WebSphere Application Server Admin Console (CVE-2019-4670). Installation instructions for the fix are included in the readme document that is in the fix package.

Workarounds and Mitigations

None