Lucene search

K
ibmIBME349C817CC286A0591D87EACAF1AC76FF2626F8CAB9B74BA655425B1BC519E5D
HistoryFeb 12, 2021 - 3:06 p.m.

Security Bulletin: A Security Vulnerability Has Been Identified In IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Federated Identity Manager (CVE-2020-2601)

2021-02-1215:06:24
www.ibm.com
9

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

Summary

IBM® SDK, Java™ Technology Edition is shipped with IBM Tivoli Federated Identity Manager. Information about a security vulnerability affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
IBM Tivoli Federated Identity Manager All

Remediation/Fixes

Principal Product and Version
| Affected Supporting Product and Versions
| Affected Supporting Product Security Bulletin
—|—|—
IBM Tivoli Federated Identity Manager 6.2
| IBM® SDK, Java™ Technology Edition 7.0, 7.1, 8.0| Security Bulletin: CVE-2020-2601 may affect IBM® SDK, Java™ Technology Edition

Workarounds and Mitigations

None

CPENameOperatorVersion
tivoli federated identity managereq6.2

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

Related for E349C817CC286A0591D87EACAF1AC76FF2626F8CAB9B74BA655425B1BC519E5D