5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
0.002 Low
EPSS
Percentile
50.7%
There are multiple vulnerabilities in the Java used in IBM InfoSphere Global Name Management (GNM).
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM InfoSphere Global Name Management | 6.0 |
IBM InfoSphere Global Name Management | 6.0 |
IBM InfoSphere Global Name Management | 6.0 |
Per the original bulletin for CVE-2021-35578 (<https://www.ibm.com/support/pages/node/6522860>), apply IBM Java 8.0.7.0 or later.
Per the original bulletins for CVE-2021-35550 (<https://www.ibm.com/support/pages/node/6559262>) and CVE-2021-35603 (<https://www.ibm.com/support/pages/node/6559266>), apply IBM Java 8.0.7.5 or later.
IBM recommends installing the latest version 8 Service Refresh 7 release. All three issues can be addressed by updating GNM 6 using the files and instructions in GNM 6 interim fix 13, available at IBM fix central, which updates the IBM Java in GNM to version 8.0.7.5.
None
CPE | Name | Operator | Version |
---|---|---|---|
infosphere global name management | eq | 6.0 |
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
0.002 Low
EPSS
Percentile
50.7%