Lucene search

IBM99E25CA1F2BA0DE4BFA874EDA87AAA2218CD9D3DFBF445FD156B7F4698CEA965

HistoryDec 06, 2022 - 4:11 p.m.

Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Business Service Manager (CVE-2021-41041)

2022-12-0616:11:27

www.ibm.com

ibm tivoli business service manager

java technology edition

security bulletin

cve-2021-41041

upgrade

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

33.4%

JSON

Summary

IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about a security vulnerability affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Tivoli Business Service Manager	6.2.0

Remediation/Fixes

Principal Product and Version(s)	Affected Supporting Product and Version
IBM Tivoli Business Service Manager 6.2.0	IBM strongly recommends addressing the vulnerability now by upgrading the Java SDK.

Security Bulletin: CVE-2021-41041 may affect IBM® SDK, Java™ Technology Edition

Upgrade to IBM® SDK, Java™ Technology Edition Version 8 Service Refresh 7 FP10, please follow How to upgrade JREs shipped with Tivoli Business Service Manager to upgrade.

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmtivoli_business_service_managerMatch6.2.0

CPENameOperatorVersion
tivoli business service managereq6.2.0

CPE	Name	Operator	Version
	tivoli business service manager	eq	6.2.0

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

33.4%

JSON

Related for 99E25CA1F2BA0DE4BFA874EDA87AAA2218CD9D3DFBF445FD156B7F4698CEA965