Security Bulletin: A security vulnerability has been identified in WebSphere® Application Server shipped with IBM® Intelligent Operations Center (CVE-2019-4441)

Summary

IBM WebSphere® Application Server is shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere® Application Server has been published in a security bulletin.

Vulnerability Details

Consult the security bulletin, Security Bulletin: Information disclosure vulnerability in WebSphere Application Server (CVE-2019-4441), for vulnerability details and information about fixes.

Affected Products and Versions

IBM® Intelligent Operations Center V1.5.0, V1.5.0.1, V1.5.0.2, V1.6.0, V1.6.0.1, V1.6.0.2, V1.6.0.3, V5.1.0, V5.1.0.1, V5.1.0.2, V5.1.0.3, V5.1.0.4, V5.1.0.5, V5.1.0.6, V5.1.0.7, V5.1.0.8, V5.1.0.9, V5.1.0.10, V5.1.0.11, V5.1.0.12, V5.1.0.13, V5.1.0.14, V5.2.0, and V5.2.1 |

IBM WebSphere® Application Server V7.0, V8.0, V8.5, V9.0, and Liberty

—|—
IBM® Intelligent Operations Center for Emergency Management V1.6, V5.1.0, V5.1.0.1, V5.1.0.2, V5.1.0.3, V5.1.0.4, V5.1.0.5, and V5.1.0.6
IBM® Water Operations for Waternamics V5.1, V5.2.0, V5.2.0.1, V5.2.0.2, V5.2.0.3, V5.2.0.4, V5.2.0.5, V5.2.0.6, V5.2.1, and V5.2.1.1

Remediation/Fixes

Download the correct version of the fix from the following link: Security Bulletin: Information disclosure vulnerability in WebSphere Application Server (CVE-2019-4441). Installation instructions for the fix are included in the readme document that is in the fix package.