IBM SDK, Java Technology Edition is used by CICS TX Advanced to run WebSphere Liberty, Fix Installer and Java based CICS applications. The fix removes the denial of service vulnerability CVE-2021-35561 from IBM SDK, JTE.
CVEID:CVE-2021-35561
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/211637 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Affected Product(s) | Version(s) |
---|---|
IBM CICS TX Advanced | 10.1 |
IBM CICS TX Advanced | 11.1 |
IBM strongly recommends addressing the vulnerability by downloading and applying the interim fixes from the table below
Product
| Version| Defect| Remediation / First Fix
—|—|—|—
IBM CICS TX Advanced|
11.1
| 127795| Download fix here
IBM CICS TX Advanced|
10.1
| 127795| Download fix here
None