Lucene search

IBM4C81DB2D277BBB0E77AD563F80391527A2F6332652C81AE9734B9DFA21A1B434

HistoryJun 15, 2018 - 7:06 a.m.

Security Bulletin: Multiple vulnerabilities may affect IBM® WebSphere Real Time

2018-06-1507:06:02

www.ibm.com

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

Summary

Java SE issues disclosed in the Oracle July 2016 Critical Patch Update

Vulnerability Details

CVE IDs: CVE-2016-3598 CVE-2016-3511 CVE-2016-3485

DESCRIPTION: This bulletin covers all applicable Java SE CVEs published by Oracle as part of their July 2016 Critical Patch Update. For more information please refer to Oracle’s July 2016 CPU Advisory and the X-Force database entries referenced below.

CVEID: CVE-2016-3598**
DESCRIPTION:** An unspecified vulnerability related to the Libraries component has high confidentiality impact, high integrity impact, and high availability impact.
CVSS Base Score: 9.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115269 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)

CVEID: CVE-2016-3511**
DESCRIPTION:** An unspecified vulnerability related to the Deployment component has high confidentiality impact, high integrity impact, and high availability impact.
CVSS Base Score: 7.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115275 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)

CVEID: CVE-2016-3485**
DESCRIPTION:** An unspecified vulnerability related to the Networking component has no confidentiality impact, low integrity impact, and no availability impact.
CVSS Base Score: 2.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115273 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

These vulnerabilities affect IBM WebSphere Real Time Version 3 Service Refresh 9 Fix Pack 40 and earlier releases

Remediation/Fixes

The fixes for these vulnerabilities are included in IBM WebSphere Real Time Version 3 Service Refresh 9 Fix Pack 50 and subsequent releases

IBM customers should download WebSphere Real Time updates from Fix Central.

IBM WebSphere Real Time releases can also be downloaded from developerWorks.

APAR numbers are as follows:

IV87081 (CVE-2016-3598)_
IV87082 (CVE-2016-3511)
_IV87083 (CVE-2016-3485)

CPENameOperatorVersion
websphere real timeeq3.0

CPE	Name	Operator	Version
	websphere real time	eq	3.0

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

Related for 4C81DB2D277BBB0E77AD563F80391527A2F6332652C81AE9734B9DFA21A1B434