5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 6 and 7, that is used by IBM Image Construction and Composition Tool. The issue was disclosed as part of the IBM Java SDK updates in October 2015.
CVEID: CVE-2015-4872** **
DESCRIPTION: An unspecified vulnerability related to the Security component has no confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107361 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
IBM Image Construction and Composition Tool v2.3.2.0
IBM Image Construction and Composition Tool v2.3.1.0
The solution is to apply the following IBM Image Construction and Composition Tool version fixes.
· For IBM Image Construction and Composition Tool v2.3.2.0
IBM Image Construction and Composition Tool v2.3.2.0 Build 23
· http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.2.0-23&includeRequisites=1&includeSupersedes=0
· http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_IM_Repository_2.3.2.0-23&includeRequisites=1&includeSupersedes=0
· For IBM Image Construction and Composition Tool v2.3.1.0
IBM Image Construction and Composition Tool v2.3.1.0 Build 45
· http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.1.0-45&includeRequisites=1&includeSupersedes=0
None