Lucene search

[email protected]NVD:CVE-2015-1931

HistorySep 29, 2022 - 3:15 a.m.

CVE-2015-1931

2022-09-2903:15:11

CWE-312

[email protected]

web.nvd.nist.gov

ibm

java

security components

memory dumps

local users

sensitive information

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

5.1%

JSON

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.

Affected configurations

Nvd

Node

ibmjava_sdkRange5.0.0.0–5.0.16.13technology

ibmjava_sdkRange6.0.0.0–6.0.16.7technology

ibmjava_sdkRange6.1.0.0–6.1.8.7technology

ibmjava_sdkRange7.0.0.0–7.0.9.10technology

ibmjava_sdkRange7.1.0.0–7.1.3.10technology

ibmjava_sdkRange8.0.0.0–8.0.1.10technology

Node

suselinux_enterprise_serverMatch11sp1ltss-

suselinux_enterprise_serverMatch11sp2ltss

suselinux_enterprise_serverMatch11sp3-

suselinux_enterprise_serverMatch11sp3vmware

suselinux_enterprise_serverMatch11sp4

suselinux_enterprise_software_development_kitMatch11sp3

suselinux_enterprise_software_development_kitMatch11sp4

Node

redhatsatelliteMatch5.6

redhatsatelliteMatch5.7

redhatenterprise_linux_desktopMatch5.0

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_eusMatch6.7

redhatenterprise_linux_eusMatch7.1

redhatenterprise_linux_eusMatch7.2

redhatenterprise_linux_eusMatch7.3

redhatenterprise_linux_eusMatch7.4

redhatenterprise_linux_eusMatch7.5

redhatenterprise_linux_serverMatch5.0

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_workstationMatch5.0

redhatenterprise_linux_workstationMatch6.0

redhatenterprise_linux_workstationMatch7.0

VendorProductVersionCPE
ibmjava_sdk*cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
suselinux_enterprise_software_development_kit11cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*
suselinux_enterprise_software_development_kit11cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
redhatsatellite5.6cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*
redhatsatellite5.7cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	java_sdk	*	cpe:2.3:a:ibm:java_sdk:::::technology:::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::ltss:-::
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp2:::ltss:::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::-::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::vmware::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp4::::::
suse	linux_enterprise_software_development_kit	11	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3::::::
suse	linux_enterprise_software_development_kit	11	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4::::::
redhat	satellite	5.6	cpe:2.3:a:redhat:satellite:5.6:::::::*
redhat	satellite	5.7	cpe:2.3:a:redhat:satellite:5.7:::::::*