5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 7.0.5.0 and 6.0.14.0, that are used by Sterling Connect:Direct FTP+. These issues were disclosed as part of the IBM Java SDK updates for October 2015.
CVEID: CVE-2015-4872** **
DESCRIPTION: An unspecified vulnerability related to the Security component has no confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107361> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
IBM Sterling Connect:Direct FTP+ 1.3.0
V.R.M
| APAR|Remediation
—|—|—
1.3.0| IT14195
IT14554| For all platforms except for HP-UX on Itanium, apply 1.3.0 Fix002, available on Fix Central.
For HP-UX on Itanium, apply 1.3.0 Fix003, available on Fix Central.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm sterling connect:direct ftp+ | eq | 1.3.0 |