5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 7.0.5.0 and 6.0.16.16, that are used by Sterling Connect:Direct FTP+. These issues were disclosed as part of the IBM Java SDK updates in January 2016.
CVEID: CVE-2016-0475**
DESCRIPTION:** An unspecified vulnerability related to the Libraries component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 5.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/109946 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
IBM Sterling Connect:Direct FTP+ 1.3.0
V.R.M
| APAR|Remediation
—|—|—
1.3.0| IT14195
IT14554| For all platforms except for HP-UX, apply 1.3.0 Fix002, available on Fix Central.
For HP-UX (Itanium and PA_RISC), apply 1.3.0 Fix003, available on Fix Central.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm sterling connect:direct ftp+ | eq | 1.3.0 |