There is a vulnerability in IBM® Runtime Environment Java™ Version 7 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVE.
CVEID: CVE-2018-3180
DESCRIPTION: An unspecified vulnerability related to the Java SE JSSE component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 5.6
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151497> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
IBM Installation Manager and IBM Packaging Utility versions 1.8.9.2 and earlier.
Product
| VRMF | APAR | Remediation/First Fix
—|—|—|—
IBM Installation Manager and IBM Packaging Utility | 1.8.x |
| 1.8.9.3 IBM Installation Manager Remediation
1.8.9.3 IBM Packaging Utility Remediation
None