10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
An unspecified vulnerability related to the Libraries component has complete confidentiality impact, complete integrity impact, and complete availability impact and affects IBM i java.
CVEID: CVE-2015-2590 DESCRIPTION: An unspecified vulnerability and Java SE Embedded related to the Libraries component has complete confidentiality impact, complete integrity impact, and complete availability impact.
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104724 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Releases V3R7, V4R1, V4R2, V4R3, V4R4, V5R1, V5R2, V5R3, V5R4, 6.1, 7.1 and 7.2 of IBM i are affected.
The issue can be fixed by applying a PTF to the IBM i Operating System.
Releases 6.1, 7.1 and 7.2 of IBM i are supported and will be fixed. Releases V3R7, V4R1, V4R2, V4R3, V4R4, V5R1, V5R2, V5R3 and V5R4 are unsupported and will not be fixed.
Please see the Java document at this URL for the latest Java information for IBM i:
http://www.ibm.com/developerworks/ibmi/techupdates/java
The IBM i PTF numbers are:
Release 6.1 – SF99562 level 33 ** Release 7.1 – SF99572 level 22** ** Release 7.2 – SF99716 level 7**
_Important note: _IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products.
None