Lucene search

IBM329CDA9E58C902A7C1F7429749889B14096AF7DD7DA0AB56B5D6F5982CAEC2B7

HistorySep 30, 2022 - 6:31 a.m.

Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Business Service Manager (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)

2022-09-3006:31:16

www.ibm.com

ibm tivoli business service manager

security bulletin

java™ technology edition

cve-2022-21496

cve-2022-21434

cve-2022-21443

upgrade to ibm® sdk

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS

0.002

Percentile

56.1%

JSON

Summary

IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Tivoli Business Service Manager	6.2.0

Remediation/Fixes

Principal Product and Version(s)	Affected Supporting Product and Version(s)
IBM Tivoli Business Service Manager 6.2.0	Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Upgrade to IBM® SDK, Java™ Technology Edition Version 8 Service Refresh 7 FP 10. Please refer to How to upgrade JREs shipped with Tivoli Business Service Manager on how to upgrade the Java runtime.