5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
0.002 Low
EPSS
Percentile
60.5%
There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtime Environment update deferred from Oracle Oct 2021 CPU (CVE-2021-35561).
CVEID:CVE-2021-35561
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/211637 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Affected Product(s) | Version(s) |
---|---|
RBD | 9.1 - 9.1.1.2 |
RBD | 9.5 - 9.5.1.2 |
RBD | 9.6 - 9.6.0.1 |
RBD | 9.7 |
IBM strongly recommends addressing the vulnerability now by installing this fix or a newer iFix or Fix Pack.
Product | VRMF | APAR | Remediation / First Fix | File Name |
---|---|---|---|---|
Rational Business Developer | 9.1 - 9.1.1.2 | None | https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ERational&product=ibm/Rational/Rational+Business+Developer&release=9.1.0&platform=All&function=all | RBD-9.1-PSIRT-JRE-7.1.5.10 |
Rational Business Developer | 9.5 - 9.5.1.2 | None |
| RBD-9.5-PSIRT-JRE-8.0.7.10
Rational Business Developer | 9.6 - 9.6.0.1 | None |
| RBD-9.6-PSIRT-JRE-8.0.7.10
Rational Business Developer | 9.7 | None | https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Business+Developer&release=9.7.0&platform=All&function=all | RBD-9.7-PSIRT-JRE-8.0.7.10
None
CPE | Name | Operator | Version |
---|---|---|---|
rational business developer | eq | 9.1 | |
rational business developer | eq | 9.5 | |
rational business developer | eq | 9.6 | |
rational business developer | eq | 9.7 |
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
0.002 Low
EPSS
Percentile
60.5%