Lucene search

IBMFE76EBEE1297EA99B4DEAF443A4AFEF8EDB41FABB23A314759F431205EF3D346

HistoryJul 16, 2018 - 10:15 a.m.

Security Bulletin: IBM InfoSphere Guardium Database Activity Monitor is affected by: CVE-2014-4263 and CVE-2014-4244

2018-07-1610:15:46

www.ibm.com

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

JSON

Summary

An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact, reported on July 15, 2014.

Vulnerability Details

CVE-ID: CVE-2014-4263

**DESCRIPTION:**Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to “Diffie-Hellman key agreement.”

CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/94606> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)

CVE-ID: CVE-2014-4244

DESCRIPTION: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security

CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/94605> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)

Affected Products and Versions

Guardium Database Activity Monitor 8.0, 8.2, 9.0, 9.1

Remediation/Fixes

<Product

| VRMF| APAR| Remediation/First Fix
—|—|—|—
Guardium Database Activity Monitor| 9.0|

	http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard-9.0p1036_Security_Update&includeSupersedes=0&source=fc

Guardium Database Activity Monitor| 8.2|
| http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard-8.2p239_Security_Update&includeSupersedes=0&source=fc

Workarounds and Mitigations

None known

CPENameOperatorVersion
ibm security guardiumeq9.1
ibm security guardiumeq9.0
ibm security guardiumeq8.2

Name	Operator	Version
ibm security guardium	eq	9.1
ibm security guardium	eq	9.0
ibm security guardium	eq	8.2

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

JSON

Related for FE76EBEE1297EA99B4DEAF443A4AFEF8EDB41FABB23A314759F431205EF3D346