There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by FlashCopy Manager (IBM Spectrum Protect Snapshot) for VMware. These issues were disclosed as part of the IBM Java SDK updates in October 2016.
CVEID: CVE-2016-5597**
DESCRIPTION:** An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Networking component could allow a remote attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/118071 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
The following levels of FlashCopy Manager (IBM Spectrum Protect Snapshot) for VMware are affected:
_Tivoli Storage FlashCopy Manager for VMware Release _
| First Fixing VRMF Level|Platform|Link to Fix / Fix Availability Target
—|—|—|—
4.1| 4.1.6.2| Linux| http://www.ibm.com/support/docview.wss?uid=swg24043426
3.2| 3.2.0.9| Linux| http://www.ibm.com/support/docview.wss?uid=swg24043440****
None
CPE | Name | Operator | Version |
---|---|---|---|
tivoli storage flashcopy manager | eq | 3.2 | |
tivoli storage flashcopy manager | eq | 4.1 |