Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Intelligent Operations Center (CVE-2018-1777)

Summary

IBM WebSphere Application Server is shipped with IBM Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Consult the security bulletin, Security Bulletin: Potential cross-site scripting vulnerability in the WebSphere Application Server Admin Console (CVE-2018-1777), for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Versions

| Affected Supporting Products
—|—
IBM Intelligent Operations Center V1.6.0, V1.6.0.1, V1.6.0.2, and V1.6.0.3 | IBM WebSphere Application Server V7.0, V8.0, V8.5, and V9.0
IBM Intelligent Operations Center for Emergency Management V1.6

Remediation/Fixes

Download the correct version of the fix from the following link: Security Bulletin: Potential cross-site scripting vulnerability in the WebSphere Application Server Admin Console (CVE-2018-1777). Installation instructions for the fix are included in the readme document that is in the fix package.