Lucene search

IBMF16187900EE02741ECBA5688A38A8D208A87EDE868FE6FA273A18C5B002BDCC2

HistoryMay 19, 2023 - 4:57 p.m.

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Tivoli Business Service Manager (CVE-2023-30441)

2023-05-1916:57:46

www.ibm.com

ibm

java sdk

tivoli business service manager

vulnerability

upgrade

cve-2023-30441

sensitive information

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

57.2%

JSON

Summary

IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. IBM Tivoli Business Service Manager has addressed the applicable issue, CVE-2023-30441.

Vulnerability Details

CVEID:CVE-2023-30441
**DESCRIPTION:**IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253188 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Tivoli Business Service Manager	6.2.0

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now.

Product	VRMF	APAR	Remediation
IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.4	6.2.0.5	IJ46859	Upgrade to IBM Tivoli Business Service Manager 6.2.0.5

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmtivoli_business_service_managerMatch6.2.0

CPENameOperatorVersion
tivoli business service managereq6.2.0

CPE	Name	Operator	Version
	tivoli business service manager	eq	6.2.0

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

57.2%

JSON

Related for F16187900EE02741ECBA5688A38A8D208A87EDE868FE6FA273A18C5B002BDCC2