Lucene search

IBMB667E3D9390E85C117F5CC01B897A666F73B53F1B38A735C2523D3F70CB052A6

HistoryJul 25, 2019 - 3:55 p.m.

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affect Rational Asset Analyzer.

2019-07-2515:55:02

www.ibm.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Summary

A vulnerability in IBM® SDK Java™ Technology Edition, Version 8.0.5.30 and IBM® Runtime Environment Java™ Version 8.0.5.30 used by Rational Asset Analyzer. Rational Asset Analyzer has addressed the applicable CVEs.

Vulnerability Details

CVEID: CVE-2019-2602 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159698> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Versions	Affected Versions
Rational Asset Analyzer	6.1.0.1 - 6.1.0.20

Remediation/Fixes

Product	VRMF	APAR	Remediation / First Fix
Rational Asset Analyzer	6.1.0.21	None	RAA 6.1.0.21

CPENameOperatorVersion
rational asset analyzereqany
rational asset analyzer for system zeqany

CPE	Name	Operator	Version
	rational asset analyzer	eq	any
	rational asset analyzer for system z	eq	any

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Related for B667E3D9390E85C117F5CC01B897A666F73B53F1B38A735C2523D3F70CB052A6