Lucene search

K
ibmIBMC2CB12DB04BE6EC907E9AE881B410ECC6C0C87D54668BE435AC17583F16CDBD3
HistoryMay 21, 2024 - 7:42 p.m.

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager (CVE-2024-21094, CVE-2024-21085, CVE-2024-21011, CVE-2023-38264)

2024-05-2119:42:39
www.ibm.com
11
ibm
java
sdk
tivoli business service manager
vulnerabilities
upgrade
security bulletin

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

5

Confidence

High

EPSS

0.001

Percentile

20.6%

Summary

IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
IBM Tivoli Business Service Manager 6.2.0

Remediation/Fixes

Principal Product and Version(s) Affected Supporting Product and Version
IBM Tivoli Business Service Manager 6.2.0 IBM strongly recommends addressing the vulnerability now by upgrading the Java SDK.

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

  • Upgrade to IBM® SDK, Java™ Technology Edition Version 8 Service Refresh 8 FP25, please follow How to upgrade JREs shipped with Tivoli Business Service Manager to upgrade.

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmtivoli_business_service_managerMatch6.2.0
VendorProductVersionCPE
ibmtivoli_business_service_manager6.2.0cpe:2.3:a:ibm:tivoli_business_service_manager:6.2.0:*:*:*:*:*:*:*

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

5

Confidence

High

EPSS

0.001

Percentile

20.6%