IBM8D2C237BEE4441339BA2BEA5A096B3B4B0E410AD212D590FAF348DD3549DC2F1Security Bulletin: CVE-2021-2163 may affect IBM® SDK, Java™ Technology Edition
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
51.6%
Summary
CVE-2021-2163 was disclosed as part of the Oracle April 2021 Critical Patch Update.
Vulnerability Details
CVEID:CVE-2021-2163
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/200292 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N)
Affected Products and Versions
7.0.0.0 - 7.0.11.10
7.1.0.0 - 7.1.5.10
8.0.0.0 - 8.0.7.11
11.0.9.0 - 11.0.10.0
Note: IBM SDK, Java Technology Edition Version 11 is now IBM Semeru Runtime Version 11
Remediation/Fixes
7.0.11.15
7.1.5.15
8.0.7.15
11.0.11.0
Note: IBM SDK, Java Technology Edition Version 11 is now IBM Semeru Runtime Version 11
Workarounds and Mitigations
None
Related
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
51.6%