Java is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs.
CVEID: CVE-2016-3426**
DESCRIPTION:** An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the JCE component could allow a remote attacker to obtain sensitive information resulting in a partial confidentiality impact using unknown attack vectors.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112457> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Power HMC V7.3.0.0
Power HMC V7.9.0.0
Power HMC V8.1.0.0
Power HMC V8.2.0.0
Power HMC V8.3.0.0
Power HMC V8.4.0.0
Power HMC V8.5.0.0
The following fixes are available on IBM Fix Central at: <http://www-933.ibm.com/support/fixcentral/>
Product
|
VRMF
|
APAR
|
Remediation/Fix
—|—|—|—
Power HMC
|
V7.7.3.0 SP7
|
MB04021
|
Power HMC
|
V7.7.9.0 SP3
|
MB04022
|
Power HMC
|
V8.8.1.0 SP3
|
MB04023
|
Power HMC
|
V8.8.2.0 SP2
|
MB04024
|
Power HMC
|
V8.8.3.0 SP2
|
MB04025
|
Power HMC
|
V8.8.4.0 SP1
|
MB04026
|
Power HMC
|
V8.8.5.0
|
MB04027
|