There is a vulnerability in IBM® Runtime Environment Java™ Versions 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVE and we recommend updating to the latest version to remediate.
CVEID:CVE-2023-21930
**DESCRIPTION:**An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high confidentiality impact and high integrity impact.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253115 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Installation Manager and IBM Packaging Utility | 1.9.0.0-1.9.2.4 |
IBM strongly recommends addressing the vulnerability now by upgrading.
IBM Installation Manager and IBM Packaging Utility| 1.9.x| NO APAR| 1.9.2.5 IBM Installation Manager Remediation
1.9.2.5 IBM Packaging Utility Remediation
—|—|—|—
None