5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
34.7%
Vulnerabilities in IBM® SDK Java™ Technology Edition, used by IBM Integration Bus & IBM App Connect Enterprise v11, V12. These issues were disclosed as part of the IBM Java SDK updates in April 2021
CVEID:CVE-2021-2161
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/200290 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
IBM App Connect Enterprise V12 , V12.0.1.0
IBM App Connect Enterprise V11 , V11.0.0.0 - V11.0.0.13
IBM Integration Bus V10.0.0.0 - V10.0.0.23
IBM Integration Bus V9.0.0.0 - V9.0.0.11
Product
|
VRMF
| APAR|
Remediation / Fix
—|—|—|—
IBM App Connect Enterprise V12| V12.0.1.0
| IT36290|
Interim fix for APAR IT36290 available here on IBM Fix Central for all the platforms.
IBM App Connect Enterprise V11| V11.0.0.0 - V11.0.0.13| IT36290|
The APAR is availble in fix pack 11.0.0.14
IBM Integration Bus| V10.0.0.0 - V10.0.0.23| IT36290|
The APAR is available in fix pack 10.0.0.24
IBM Integration Bus| V9.0.0.0 - V9.0.0.11| IT36290| Contact IBM support to request for fix
_IBM Integration Bus v9 is no longer in full support;IBM recommends upgrading to a fixed, supported version/release/platform of the product. _
If you are a customer with extended support and require a fix, contact IBM support
None
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
34.7%