5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
49.8%
Vulnerabilities in IBM® SDK Java™ Technology Edition potentially affect IBM Workload Scheduler. These issues were disclosed as part of the Oracle July 2022 Critical Patch Update. These vulnerabilities have been addressed.
CVEID:CVE-2022-21541
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/231568 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID:CVE-2022-21540
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/231567 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Workload Scheduler | 9.5 |
IBM Workload Scheduler | 9.4 |
IBM Workload Scheduler | 10.1 |
APAR IJ44019 has been opened to address Java vulnerabilities affecting IBM Workload Scheduler.
The following fixes for IJ44019 are available for download on FixCentral
V9.4: 940-TIV-TWS-FP7-IJ44019 to be applied on top of IBM Workload Scheduler Distributed 9.4.0.7 (link for Fix Central).
V9.5: APAR IJ44019 is included in IBM Workload Scheduler 9.5.0.6 Security Update, available on Fix Central.
V10.1 APAR IJ44019 is included in IBM Workload Scheduler 10.1.0.1, available on FixCentral.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm workload scheduler | eq | 9.4 | |
ibm workload scheduler | eq | 9.5 |
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
49.8%