- **CVE ID**: CVE-2018-1904 - **Description**: IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. - **CVSS Base Score**: 8.1 - **CVSS Temporal Score**: [Link](https://exchange.xforce.ibmcloud.com/vulnerabilities/152533) for the current score - **CVSS Environment Score**: Undefined - **CVSS Vector**: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) - **Affected Products and Versions**: - Version 9.0 - Version 8.5 - Version 8.0 - Version 7.0 - **Remediation/Fixes**: - Apply the interim fix, Fix Pack, or PTF containing the APAR for each named product as soon as practical. - Specific fix details for different versions are provided in the text. - **Recommendation**: Upgrade and apply fixes as detailed for your version.