Lucene search

IbmCVE-2015-1931

HistorySep 29, 2022 - 3:15 a.m.

CVE-2015-1931

2022-09-2903:15:11

CWE-312

ibm

web.nvd.nist.gov

ibm

java

sdk

security

vulnerability

memory dump

local users

sensitive information

nvd

cve-2015-1931

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.4

Confidence

High

EPSS

Percentile

5.1%

JSON

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.

Affected configurations

Nvd

Node

ibmjava_sdkRange5.0.0.0–5.0.16.13technology

ibmjava_sdkRange6.0.0.0–6.0.16.7technology

ibmjava_sdkRange6.1.0.0–6.1.8.7technology

ibmjava_sdkRange7.0.0.0–7.0.9.10technology

ibmjava_sdkRange7.1.0.0–7.1.3.10technology

ibmjava_sdkRange8.0.0.0–8.0.1.10technology

Node

suselinux_enterprise_serverMatch11sp1ltss-

suselinux_enterprise_serverMatch11sp2ltss

suselinux_enterprise_serverMatch11sp3-

suselinux_enterprise_serverMatch11sp3vmware

suselinux_enterprise_serverMatch11sp4

suselinux_enterprise_software_development_kitMatch11sp3

suselinux_enterprise_software_development_kitMatch11sp4

Node

redhatsatelliteMatch5.6

redhatsatelliteMatch5.7

redhatenterprise_linux_desktopMatch5.0

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_eusMatch6.7

redhatenterprise_linux_eusMatch7.1

redhatenterprise_linux_eusMatch7.2

redhatenterprise_linux_eusMatch7.3

redhatenterprise_linux_eusMatch7.4

redhatenterprise_linux_eusMatch7.5

redhatenterprise_linux_serverMatch5.0

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_workstationMatch5.0

redhatenterprise_linux_workstationMatch6.0

redhatenterprise_linux_workstationMatch7.0

VendorProductVersionCPE
ibmjava_sdk*cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
suselinux_enterprise_software_development_kit11cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*
suselinux_enterprise_software_development_kit11cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
redhatsatellite5.6cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*
redhatsatellite5.7cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	java_sdk	*	cpe:2.3:a:ibm:java_sdk:::::technology:::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::ltss:-::
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp2:::ltss:::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::-::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::vmware::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp4::::::
suse	linux_enterprise_software_development_kit	11	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3::::::
suse	linux_enterprise_software_development_kit	11	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4::::::
redhat	satellite	5.6	cpe:2.3:a:redhat:satellite:5.6:::::::*
redhat	satellite	5.7	cpe:2.3:a:redhat:satellite:5.7:::::::*