CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
5.1%
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | java_sdk | * | cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:* |
suse | linux_enterprise_server | 11 | cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:* |
suse | linux_enterprise_server | 11 | cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:* |
suse | linux_enterprise_server | 11 | cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:* |
suse | linux_enterprise_server | 11 | cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:* |
suse | linux_enterprise_server | 11 | cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:* |
suse | linux_enterprise_software_development_kit | 11 | cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:* |
suse | linux_enterprise_software_development_kit | 11 | cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:* |
redhat | satellite | 5.6 | cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:* |
redhat | satellite | 5.7 | cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:* |
lists.opensuse.org/opensuse-security-announce/2015-07/msg00051.html
lists.opensuse.org/opensuse-security-announce/2015-09/msg00014.html
rhn.redhat.com/errata/RHSA-2015-1485.html
rhn.redhat.com/errata/RHSA-2015-1486.html
rhn.redhat.com/errata/RHSA-2015-1488.html
rhn.redhat.com/errata/RHSA-2015-1544.html
rhn.redhat.com/errata/RHSA-2015-1604.html
www-01.ibm.com/support/docview.wss?uid=swg1IV75182
www-01.ibm.com/support/docview.wss?uid=swg21962302
www.securityfocus.com/bid/75985
More