4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.0 SR7 that is used by IBM Multi-Enterprise Integration Gateway. These issues were disclosed as part of the IBM Java SDK updates in July 2014.
CVEID: CVE-2014-4263 DESCRIPTION: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/94606 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
CVEID: CVE-2014-4244 DESCRIPTION: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/94605 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
IBM Multi-Enterprise Integration Gateway 1.0 - 1.0.0.1
The recommended solution is to upgrade to the current release as soon as practical. Please see below for information about the fixes available.
_Fix_* | VRMF | APAR | How to acquire fix |
---|---|---|---|
Interim Fix 1.0.0.1_3 | 1.0.0.1 | IT03591 | IBM Fix Central > IBM_Multi-Enterprise_Integration_Gateway_V1.0.0.1_3_iFix_Media |
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm multi-enterprise integration gateway | eq | 1.0.0 |