Lucene search

K
ibmIBM897D97A15F67334E04B720BD5B5FD67F1EF556B7646A0D5CE46424288C102782
HistoryDec 14, 2021 - 11:44 a.m.

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM WebSphere Cast Iron Solution & App Connect Professional.

2021-12-1411:44:24
www.ibm.com
12

3.1 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

45.4%

Summary

There are multiple vulnerabilities in the IBM SDK Java Technology used by IBM WebSphere Cast Iron Solution & App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in July 2021, IBM WebSphere Cast Iron Solution & App Connect Professional have addressed the applicable CVEs.

Vulnerability Details

CVEID:CVE-2021-2341
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Networking component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors.
CVSS Base score: 3.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/205768 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)

Affected Products and Versions

IBM WebSphere Cast Iron v 7.5.1.0

App Connect Professional v 7.5.2.0

Remediation/Fixes

IBM WebSphere Cast Iron 7.5.1.0 LI82304 7510 Fixcentral link
App Connect Professional 7.5.2.0 LI82304 7520 Fixcentral link

Workarounds and Mitigations

None

3.1 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

45.4%

Related for 897D97A15F67334E04B720BD5B5FD67F1EF556B7646A0D5CE46424288C102782