9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.974 High
EPSS
Percentile
99.9%
This bulletin provides information for addressing the Apache Log4j vulnerabilities (CVE-2021-4104, CVE-2021-45046) in IBM Workload Scheduler by remediating the vulnerabilities in IBM WebSphere Application Server (WAS) and IBM WebSphere Application Server Liberty.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Workload Scheduler | 9.5 |
IBM Workload Scheduler | 9.4 |
**IBM strongly recommends addressing the vulnerability now. **
Refer to the following security bulletin for vulnerability details and information about fixes addressed by IBM WebSphere Application Server and IBM WebSphere Application Server Liberty which are shipped with IBM Workload Scheduler.
<https://www.ibm.com/support/pages/node/6526750>
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm workload scheduler | eq | 9.4 | |
ibm workload scheduler | eq | 9.5 |
9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.974 High
EPSS
Percentile
99.9%