7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.002 Low
EPSS
Percentile
58.8%
There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtime Environment updates deferred from Oracle Oct 2021 CPU (CVE-2021-35550).
CVEID:CVE-2021-35550
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/211627 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
RBD | 9.1 - 9.1.1.2 |
RBD | 9.5 - 9.5.1.2 |
RBD | 9.6 - 9.6.0.1 |
IBM strongly recommends addressing the vulnerability now by installing this fix or a newer iFix or Fix Pack.
Product
|
VRMF
|
APAR
|
Remediation / First Fix
|
File Name
—|—|—|—|—
Rational Business Developer
|
9.1 - 9.1.1.2
|
None
|
|
RBD-9.1-PSIRT-JRE-7.1.5.5
Rational Business Developer
|
9.5 - 9.5.1.2
|
None
|
|
RBD-9.5-PSIRT-JRE-8.0.7.5
Rational Business Developer
|
9.6 - 9.6.0.1
|
None
|
|
RBD-9.6-PSIRT-JRE-8.0.7.5
None
CPE | Name | Operator | Version |
---|---|---|---|
rational business developer | eq | 9.1 | |
rational business developer | eq | 9.5 | |
rational business developer | eq | 9.6 |
7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.002 Low
EPSS
Percentile
58.8%