Lucene search

IBM0B92A8A6EAFCAA0FBD48FD39AD1A57A0B615646AC7DFBDCDE03F38315CFF19C7

HistoryNov 29, 2021 - 6:15 a.m.

Security Bulletin: A Security Vulnerability in IBM Java Runtime affects IBM License Key Server Administration and Reporting Tool and its Agent

2021-11-2906:15:51

www.ibm.com

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

40.9%

JSON

Summary

A security vulnerability has been found in the IBM® Runtime Environment Java™ used by IBM License Key Server Administration and Reporting Tool and its Agent. A fix has been published to mitigate the same.

Vulnerability Details

CVEID:CVE-2021-2369
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Library component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/205796 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Common Licensing	Agent 9.0
IBM Common Licensing	ART 9.0

Remediation/Fixes

Upgrade to the latest ART/Agent 9.0 iFix 5 from Fix Central.

Workarounds and Mitigations

None

CPENameOperatorVersion
rational license key servereq9.0

CPE	Name	Operator	Version
	rational license key server	eq	9.0

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

40.9%

JSON

Related for 0B92A8A6EAFCAA0FBD48FD39AD1A57A0B615646AC7DFBDCDE03F38315CFF19C7