6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
48.5%
There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM CPLEX Optimization Studio. IBM CPLEX Optimization Studio has addressed the applicable CVE.
CVEID:CVE-2022-3676
**DESCRIPTION:**Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused by improper runtime type check by the interface calls. By sending a specially-crafted request using bytecode, an attacker could exploit this vulnerability to access or modify memory.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239608 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM ILOG CPLEX Optimization Studio (COS) | 22.1 |
IBM ILOG CPLEX Optimization Studio (COS) | 20.1.0.1 |
IBM ILOG CPLEX Optimization Studio (COS) | 20.1 |
IBM ILOG CPLEX Optimization Studio (COS) | 12.10 |
IBM ILOG CPLEX Optimization Studio (COS) | 12.9 |
IBM ILOG CPLEX Optimization Studio (COS) | 12.8 |
The recommended solution is to download and install the appropriate version of IBM JRE as soon as practicable.
Before installing a newer version of IBM JRE, please ensure that you:
IBM ILOG CPLEX Optimization Studio :
IBM JRE Version 8 Service Refresh 7 Fix Pack 20 and subsequent releases
IBM JRE Version 7 Service Refresh 11 Fix Pack 15 and subsequent releases
You must verify that applying this fix does not cause any compatibility issues.
Here are the detailed instructions for updating IBM JRE.
For macOS, IBM recommends upgrading to a fixed, supported version/release/platform of the product.
None
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
48.5%