IBM24C1EF78324E60477B0E47B81687325BFAB11B34F8AFE6263FEE7EE70052E3FBSecurity Bulletin: A vulnerability in IBM Java Runtime affect IBM CICS TX on Cloud
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
Percentile
28.5%
Summary
IBM CICS TX on Cloud has addressed the following vulnerability reported by IBM® Runtime Environment Java™ Version 8.0
Vulnerability Details
CVEID:CVE-2020-2590
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174538 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM CICS TX on Cloud | 10.1 |
Remediation/Fixes
| Product | Version | Defect | Remediation / First Fix |
|---|---|---|---|
| IBM CICS TX on Cloud | 10.1.0.0 | 126492 | Fix Central Link |
Workarounds and Mitigations
None
Affected configurations
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
Percentile
28.5%