There is a vulnerability in IBM® Runtime Environment Java™ Versions 7.0, 7.1, and 8.0 used by IBM SPSS Statistics. IBM SPSS Statistics has addressed the applicable CVEs.
CVEID:CVE-2019-2949
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Kerberos component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/169254 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
SPSS Statistics | 26.0 |
SPSS Statistics | 25.0 |
SPSS Statistics | 24.0 |
Affected Products | Versions | Fixes |
---|---|---|
SPSS Statistics | 26.0 | Install Statistics 26 FP001-IF006 |
SPSS Statistics | 25.0 | Install Statistics 25 FP002-IF009 |
SPSS Statistics | 24.0 | Install Statistics 24 FP002-IF022 |
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm spss statistics | eq | 24.0.0.2 | |
ibm spss statistics | eq | 25.0.0.2 | |
ibm spss statistics | eq | 26.0.0.1 |