Lucene search

IBMC3C3FE91E06F1EF1E78C109E142B1CB7043FE1C0C44C35EFC3AE98C69D936E5A

HistoryMay 18, 2023 - 4:57 p.m.

Security Bulletin: A vulnerability in IBM Java Runtime affects Tivoli Netcool/OMNIbus (CVE-2023-30441)

2023-05-1816:57:49

www.ibm.com

ibm java runtime

tivoli netcool/omnibus

version 8.1.0.29

version 8.1.0.30

security vulnerability

information exposure

cvss base score 7.5

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

57.2%

JSON

Summary

IBM® Runtime Environment Java™ Technology Edition, Version 8 is shipped as a component of Tivoli Netcool/OMNIbus. Information about a security vulnerability affecting the IBM Java Runtime has been published in a security bulletin.

Vulnerability Details

CVEID:CVE-2023-30441
**DESCRIPTION:**IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE components could expose sensitive information using a combination of flaws and configurations.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253188 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
Netcool/OMNIbus	8.1.0.29

Remediation/Fixes

_ Product_	_ VRMF_	_ Known Issue / APAR_	_ Remediation/First Fix_
OMNIbus	8.1.0.30	DT160248 / IJ42362	<https://www.ibm.com/support/pages/node/6600029>

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmtivoli_netcool\/omnibusMatch8.1.0

CPENameOperatorVersion
tivoli netcool/omnibuseq8.1.0

CPE	Name	Operator	Version
	tivoli netcool/omnibus	eq	8.1.0

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

57.2%

JSON

Related for C3C3FE91E06F1EF1E78C109E142B1CB7043FE1C0C44C35EFC3AE98C69D936E5A