CVE ID: CVE-2018-1904 Description: IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. CVSS Base Score: 8.1 CVSS Temporal Score: Link for the current score CVSS Environment Score: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) Affected Products and Versions: - Version 9.0 - Version 8.5 - Version 8.0 - Version 7.0 Remediation/Fixes: - Apply the interim fix, Fix Pack, or PTF containing the APAR for each named product as soon as practical. - Specific fix details for different versions are provided in the text. Recommendation: Upgrade and apply fixes as detailed for your version.