5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%
IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment
and the IBM Java Software Development Kit.
This update fixes several vulnerabilities in the IBM Java Runtime
Environment and the IBM Java Software Development Kit. Further information
about these flaws can be found on the IBM Java Security alerts page, listed
in the References section. (CVE-2015-1931, CVE-2015-2590, CVE-2015-2601,
CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2632,
CVE-2015-2637, CVE-2015-2638, CVE-2015-2664, CVE-2015-4000, CVE-2015-4729,
CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4736, CVE-2015-4748,
CVE-2015-4749, CVE-2015-4760)
Note: This update forces the TLS/SSL client implementation in IBM JDK to
reject DH key sizes below 768 bits to address the CVE-2015-4000 issue.
Refer to Red Hat Bugzilla bug 1223211, linked to in the References section,
for additional details about this change.
All users of java-1.7.1-ibm are advised to upgrade to these updated
packages, containing the IBM Java SE 7R1 SR3-FP10 release. All running
instances of IBM Java must be restarted for the update to take effect.
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%