Security Bulletin: A security vulnerability has been identified in Oracle Oct 2020 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-2773)

Summary

A security vulnerability has been identified in Oracle Oct 2020 CPU for Java 8 which is shipped with IBM® Intelligent Operations Center. Information about this security vulnerability affecting IBM® Intelligent Operations Center has been published and addressed the applicable CVEs.

Vulnerability Details

CVEID:CVE-2020-2773
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/179673 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Remediation/Fixes

The recommended solution is to apply an interim fix that contains the fix for this issue as soon as practical.

Download the IBM Intelligent Operations Center Version 5.2.2 is an upgrade to IBM Intelligent Operations Center Version 5.1 through IBM Intelligent Operations Center Version 5.2 from the following link:

IBM Intelligent Operations Center Version 5.2.2

Installation instructions for the fix are included in the readme document that is in the fix package.

Workarounds and Mitigations

None