There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 that is used by IBM Systems Director . These issues were disclosed as part of the IBM Java SDK updates in October 2015.
CVEID: CVE-2015-4872 DESCRIPTION: An unspecified vulnerability related to the Security component has no confidentiality impact, partial integrity impact, and no availability impact.CVSS
Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107361 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVEID: CVE-2015-4840 DESCRIPTION: An unspecified vulnerability related to the 2D component could allow a remote attacker to obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107353 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVEID: CVE-2015-4903 DESCRIPTION: An unspecified vulnerability related to the RMI component could allow a remote attacker to obtain sensitive information.CVSS
Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107357 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
From the IBM System Director command line enter smcli lsver to determine the level of IBM System Director installed.
IBM Systems Director:
For Releases 5.2.x.x, 6.1.x.x , 6.2.x.x , 6.3.0.0 to 6.3.3.x IBM recommends upgrading to a fixed, supported version of the product.
Follow the instructions mentioned under http://www-947.ibm.com/support/entry/portal/support/ and search for Tech note 767946525 to apply the fix for releases:
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm systems director | eq | any |