5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
Vulnerabilities in Open Source Apache CXF affect IBM Tivoli Application Dependency Discovery Manager
CVE-ID:CVE-2017-12624
DESCRIPTION: Apache CXF is vulnerable to a denial of service. By using a specially crafted message attachment header, a remote attacker could exploit this vulnerability to cause the AX-WS and JAX-RS services stop responding.
CVSS Base Score: 5.3
CVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/135095 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
TADDM 7.3.0.2 - 7.3.0.4
There is an eFix prepared on top of the latest released FixPack for TADDM 7.3.0.
Fix | VRMF | APAR | How to acquire fix |
---|---|---|---|
efix_TADDM73_CXF3114_FP420171214.zip | 7.3.0.4 | None | Download eFix |
Please get familiar with eFix readme in etc/<efix_name>_readme.txt
The only solution is to apply eFix prepared to specific TADDM version (7.3.0.4). This fix is only tested for TADDM versions 7.3.0.4 and should not be applied at other maintenance levels. Upgrade to the latest maintenance level to apply this fix.
CPE | Name | Operator | Version |
---|---|---|---|
tivoli application dependency discovery manager | eq | 7.3 |
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P