Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM2E91EF7A9948535BD27257CCBF7A6470F5ADBFCFAE1D0B1F706C76B9FF03241A
HistorySep 25, 2022 - 9:06 p.m.

Security Bulletin: IBM Tivoli Composite Application Manager for Transactions affected by vulnerabilities in IBM JRE (Multiple CVEs)

2022-09-2521:06:56
www.ibm.com
10

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.968 High

EPSS

Percentile

99.7%

JSON

Abstract

IBM Tivoli Composite Application Manager for Transactions is shipped with two IBM JREs that are based on Oracle Java. It is also dependent on ITM 6.2.1 Framework, which also has it own JRE. Oracle has released a June 2013 Critical Patch Update (CPU) that contains security vulnerability fixes and IBM Java is affected.

Content

VULNERABILITY DETAILS:

DESCRIPTION:
This bulletin also covers all applicable CVEs published by Oracle as part of their June 2013 Java SE Critical Patch Update. For more information please refer to Oracle’s June 2013 Java SE CPU Advisory.

CVEID: CVE-2013-3006
CVSS Base Score: 9.3
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/84147&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3007
CVSS Base Score: 9.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84148&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3008
CVSS Base Score: 9.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84149&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3009
CVSS Base Score: 9.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84150&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3010
CVSS Base Score: 9.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84151&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3011
CVSS Base Score: 9.3
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/84152&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3012
CVSS Base Score: 9.3
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/84153&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-4002
CVSS Base Score: 7.1
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85260&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)

CVEID: CVE-2013-2468
CVSS Base Score: 10.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85034&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2469
CVSS Base Score: 10.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85032&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2465
CVSS Base Score: 10.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85031&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2464
CVSS Base Score: 10.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85030&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2463
CVSS Base Score: 10.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85029&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2473
CVSS Base Score: 10.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85028&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2472
CVSS Base Score: 10.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85027&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2471
CVSS Base Score: 10.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85026&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2470
CVSS Base Score: 10.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85025&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2459
CVSS Base Score: 10.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85033&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2466
CVSS Base Score: 10.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85035&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2462
CVSS Base Score: 9.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85037&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2460
CVSS Base Score: 9.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85038&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3743
CVSS Base Score: 9.3
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85036&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2448
CVSS Base Score: 7.6
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85040&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2442
CVSS Base Score: 7.5
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85041&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVEID: CVE-2013-2407
CVSS Base Score: 6.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85044&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:P)

CVEID: CVE-2013-2454
CVSS Base Score: 5.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85045&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N)

CVEID: CVE-2013-2458
CVSS Base Score: 5.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85046&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N)

CVEID: CVE-2013-3744
CVSS Base Score: 5.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85051&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-2400
CVSS Base Score: 5.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85050&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-2456
CVSS Base Score: 5.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85058&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2453
CVSS Base Score: 5.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85053&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-2457
CVSS Base Score: 5.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85052&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-2455
CVSS Base Score: 5.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84146&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2412
CVSS Base Score: 5.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85059&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2443
CVSS Base Score: 5.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85054&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2447
CVSS Base Score: 5.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85056&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2437
CVSS Base Score: 5.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85049&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2444
CVSS Base Score: 5.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85047&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2013-2452
CVSS Base Score: 5.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85055&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2446
CVSS Base Score: 5.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85048&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2450
CVSS Base Score: 5.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85057&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2013-1571
CVSS Base Score: 4.3
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/84715&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-2449
CVSS Base Score: 4.3
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85060&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2451
CVSS Base Score: 3.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85061&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:H/Au:N/C:P/I:P/A:P)

CVEID: CVE-2013-1500
CVSS Base Score: 3.6
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/85062&gt;_ for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:N)

For detailed information on which CVEs affect which releases, please refer to the IBM Java Security Alerts page.

AFFECTED PRODUCTS AND VERSIONS:
Versions 7.1.x.x to 7.3.x.x are affected.

REMEDIATION:

Remediation is done in two parts. ITCAM for Transactions users may be affected due to its dependency on ITM framework. On machines with other ITM agents, please ensure the latest updates has been applied. On machines with only ITCAM for Transactions Agent, they should obtain the ITM OS Agent and install that. Refer to
_<http://www-01.ibm.com/support/docview.wss?uid=swg21634920&gt;_

Additionally for Robotics Response Time (T6) Agent users:
Appropriate maintenance can be tracked by APAR <TBD>. Apply maintenance patch 7.3.0.1-TIV-CAMRT-IF0022 (applicable for versions 7.1, 7.2 and 7.3), it will address above issues by updating the JREs shipped. The maintenance package will be available on Fix Central.

Note: This fix supersedes 7.3.0.1-TIV-CAMRT-IF0021.

_Fix_* VRMF APAR How to acquire fix
7.3.0.1-TIV-CAMRT-IF0022 7.3.0.1.22 IV48461 FixCentral

Workaround(s):
None

Mitigation(s): None

REFERENCES:
· Complete CVSS v2 Guide
· On-line Calculator V2_ _
· X-Force Vulnerability Database_ _

RELATED INFORMATION:
_IBM Secure Engineering Web Portal _
IBM Product Security Incident Response Blog
Oracle’s June 2013 Java SE CPU Advisory
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/84147&gt;
CVE-2013-3007
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/84148&gt;
CVE-2013-3008
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/84149&gt;
CVE-2013-3009
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/84150&gt;
CVE-2013-3010
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/84151&gt;
CVE-2013-3011
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/84150&gt;
CVE-2013-3012
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/84153&gt;
CVE-2013-4002
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85260&gt;
CVE-2013-2468
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85034&gt;
CVE-2013-2469
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85032&gt;
CVE-2013-2465
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85031&gt;
CVE-2013-2464
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85030&gt;
CVE-2013-2463
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85029&gt;
CVE-2013-2473
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85028&gt;
CVE-2013-2472
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85027&gt;
CVE-2013-2471
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85026&gt;
CVE-2013-2470
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85025&gt;
CVE-2013-2459
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85033&gt;
CVE-2013-2466
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85035&gt;
CVE-2013-2462
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85037&gt;
CVE-2013-2460
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85038&gt;
CVE-2013-3743
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85036&gt;
CVE-2013-2448
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85040&gt;
CVE-2013-2442
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85041&gt;
CVE-2013-2407
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85044&gt;
CVE-2013-2454
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85045&gt;
CVE-2013-2458
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85046&gt;
CVE-2013-3744
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85051&gt;
CVE-2013-2400
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85050&gt;
CVE-2013-2456
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85058&gt;
CVE-2013-2453
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85053&gt;
CVE-2013-2457
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85052&gt;
CVE-2013-2455
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/84146&gt;
CVE-2013-2412
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85059&gt;
CVE-2013-2443
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85054&gt;
CVE-2013-2447
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85056&gt;
CVE-2013-2437
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85049&gt;
CVE-2013-2444
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85047&gt;
CVE-2013-2452
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85055&gt;
CVE-2013-2446
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85048&gt;
CVE-2013-2450
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85057&gt;
CVE-2013-1571
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/84715&gt;
CVE-2013-2449
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85060&gt;
CVE-2013-2451
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85061&gt;
CVE-2013-1500
X-Force Vulnerability Database <https://exchange.xforce.ibmcloud.com/vulnerabilities/85062&gt;

ACKNOWLEDGEMENT
The vulnerabilities described by the following CVEs were reported to IBM by Adam Gowdiak of Security Explorations: CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, and CVE-2013-3012.

CHANGE HISTORY
2013-09-17: Original Copy Published

_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _

_Note: _According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an “industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.” IBM PROVIDES THE CVSS SCORES “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Related Information

7.3.0.1-TIV-CAMRT-IF0022 Document

[{“Product”:{“code”:“SS5MD2”,“label”:“Tivoli Composite Application Manager for Transactions”},“Business Unit”:{“code”:“BU059”,“label”:“IBM Software w/o TPS”},“Component”:“Not Applicable”,“Platform”:[{“code”:“PF002”,“label”:“AIX”},{“code”:“PF016”,“label”:“Linux”},{“code”:“PF027”,“label”:“Solaris”},{“code”:“PF033”,“label”:“Windows”}],“Version”:“7.1;7.2;7.3”,“Edition”:“All Editions”,“Line of Business”:{“code”:“LOB45”,“label”:“Automation”}}]

Related

openvas 47
ibm 18
veracode 10
suse 13
nessus 45
redhat 7
oraclelinux 3
mageia 2
securityvulns 1
centos 3
amazon 2
debian 2
ubuntu 3
prion 15
cve 15
attackerkb 1
ubuntucve 9
threatpost 1
thn 2
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1257-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:1305-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:1255-3)
2021-06-09 00:00:00
ibm
ibm
Security Bulletin: WebSphere Application Server - Oracle CPU shipped with Rational Application Developer for WebSphere Software June 2013 (CVE-2013-1571)
2020-02-05 00:09:48
Security Bulletin: WebSphere Application Server - Oracle CPU shipped with Rational Developer for System z June 2013 (CVE-2013-1571)
2020-10-27 15:51:50
Security Bulletin: Multiple vulnerabilities in the IBM Java SDK
2022-09-25 21:06:56
veracode
veracode
Privilege Escalation
2019-05-02 04:46:31
Information Disclosure
2019-05-02 04:46:29
Privilege Escalation
2019-05-02 04:46:29
suse
suse
Security update for java-1_7_0-ibm (important)
2013-07-25 20:04:26
Security update for java-1_6_0-ibm (important)
2013-07-27 17:04:18
Security update for java-1_5_0-ibm (important)
2013-07-30 17:04:11
nessus
nessus
SuSE 11.2 / 11.3 Security Update : java-1_7_0-ibm (SAT Patch Numbers 8106 / 8108)
2013-07-26 00:00:00
RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2013:1059)
2013-07-16 00:00:00
SuSE 10 Security Update : java-1_6_0-ibm (ZYPP Patch Number 8657)
2013-07-26 00:00:00
redhat
redhat
(RHSA-2013:1059) Critical: java-1.6.0-ibm security update
2013-07-15 00:00:00
(RHSA-2013:1060) Critical: java-1.7.0-ibm security update
2013-07-15 00:00:00
(RHSA-2013:1081) Important: java-1.5.0-ibm security update
2013-07-16 00:00:00
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2013-06-19 00:00:00
java-1.7.0-openjdk security update
2013-06-19 00:00:00
java-1.6.0-openjdk security update
2013-07-03 00:00:00
mageia
mageia
Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities
2013-06-26 22:13:26
Updated java-1.6.0-openjdk packages fix security vulnerabilities
2013-07-16 11:26:07
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2013-08-28 00:00:00
centos
centos
java security update
2013-06-20 06:43:01
java security update
2013-06-20 06:46:44
java security update
2013-07-04 10:07:44
amazon
amazon
Important: java-1.7.0-openjdk
2013-06-20 14:14:00
Important: java-1.6.0-openjdk
2013-07-12 15:31:00
debian
debian
[SECURITY] [DSA 2722-1] openjdk-7 security update
2013-07-15 15:52:23
[SECURITY] [DSA 2727-1] openjdk-6 security update
2013-07-25 21:11:57
ubuntu
ubuntu
OpenJDK 7 vulnerabilities
2013-07-16 00:00:00
IcedTea Web update
2013-07-16 00:00:00
OpenJDK 6 vulnerabilities
2013-07-23 00:00:00
prion
prion
Design/Logic Flaw
2013-06-18 22:55:00
Security feature bypass
2013-07-23 11:03:00
Design/Logic Flaw
2013-06-18 22:55:00
cve
cve
CVE-2013-2464
2013-06-18 22:55:00
CVE-2013-3012
2013-07-23 11:03:00
CVE-2013-2466
2013-06-18 22:55:00
attackerkb
attackerkb
CVE-2013-2464
2013-06-18 00:00:00
ubuntucve
ubuntucve
CVE-2013-2464
2013-06-18 00:00:00
CVE-2013-2466
2013-06-18 00:00:00
CVE-2013-2468
2013-06-18 00:00:00
threatpost
threatpost
Many Flash, Java Users Running Older, Vulnerable Versions
2013-09-06 07:40:52
thn
thn
New Mac OS Malware exploited two known Java vulnerabilities
2013-09-24 04:15:00
New Mac OS Malware exploited two known Java vulnerabilities
2013-09-24 15:15:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.968 High

EPSS

Percentile

99.7%

JSON
Related for 2E91EF7A9948535BD27257CCBF7A6470F5ADBFCFAE1D0B1F706C76B9FF03241A
openvas47ibm18veracode10suse13nessus45redhat7oraclelinux3mageia2securityvulns1centos3amazon2debian2ubuntu3prion15cve15attackerkb1ubuntucve9threatpost1thn2