Lucene search
IBM11AD265069CB940844CA632E6655D7605F8B4FE142815F41FEA109BF0A29B96EHistoryFeb 18, 2022 - 8:34 a.m.
Security Bulletin: Cloud Pak for Security vulnerable to information exposure (CVE-2021-35567)
2022-02-1808:34:59
www.ibm.com
24
cloud pak security
vulnerability
fix
cve-2021-35567
java se
EPSS
0.002
Percentile
60.7%
Summary
Cloud Pak for Security v1.8.1.0 and earlier is vulnerable to CVE-2021-35567 due to the usage of Java SE in product components. This could allow an attacker to obtain potentially sensitve information. Cloud Pack for Security has issued a fix to address the issue.
Vulnerability Details
CVEID:CVE-2021-35567
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Libraries component could allow an authenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/211643 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| Cloud Pak for Security (CP4S) | 1.8.1.0 |
| Cloud Pak for Security (CP4S) | 1.8.0.0 |
Remediation/Fixes
Please upgrade to CP4S 1.9.0.0 or later following instructions: <https://www.ibm.com/docs/en/cloud-paks/cp-security/1.9?topic=installing-upgrading-cloud-pak-security-from-18>
Workarounds and Mitigations
None
Related
alpinelinux
alpinelinux
CVE-2021-35567
2021-10-20 11:16:38
cnvd
cnvd
cvelist
cvelist
CVE-2021-35567
2021-10-20 10:50:14
redhatcve
redhatcve
CVE-2021-35567
2021-10-19 21:25:59
nvd
nvd
CVE-2021-35567
2021-10-20 11:16:38
vulnrichment
vulnrichment
CVE-2021-35567
2021-10-20 10:50:14
prion
prion
Code injection
2021-10-20 11:16:00
debiancve
debiancve
CVE-2021-35567
2021-10-20 11:16:38
ubuntucve
ubuntucve
CVE-2021-35567
2021-10-20 00:00:00
osv
osv
CVE-2021-35567
2021-10-20 11:16:38
java-13-openjdk-13.0.9.0-1.1 on GA media
2024-06-15 00:00:00
openjdk-17 - security update
2021-11-23 00:00:00
cve
cve
CVE-2021-35567
2021-10-20 11:16:38
veracode
veracode
Information Disclosure
2021-10-26 21:55:29
broadcom
broadcom
BSA-2022-2025
2022-07-29 00:00:00
openvas
openvas
Oracle Java SE Security Update (oct2021) 02 - Linux
2021-10-25 00:00:00
Oracle Java SE Security Update (oct2021) 02 - Windows
2021-10-25 00:00:00
Fedora: Security Advisory for java-latest-openjdk (FEDORA-2021-f361564c6d)
2021-10-31 00:00:00
f5
f5
ibm
ibm
redhat
redhat
(RHSA-2021:4532) Important: OpenJDK 17.0.1 security update for Portable Linux Builds
2021-11-11 18:26:11
(RHSA-2021:4135) Important: java-17-openjdk security update
2021-11-09 19:26:37
nessus
nessus
Rocky Linux 8 : java-17-openjdk (RLSA-2021:4135)
2023-11-07 00:00:00
RHEL 8 : java-17-openjdk (RHSA-2021:4135)
2021-11-11 00:00:00
Oracle Linux 8 : java-17-openjdk (ELSA-2021-4135)
2021-11-18 00:00:00
rocky
rocky
java-17-openjdk security update
2021-11-09 19:26:37
java-11-openjdk security update
2021-10-20 12:41:00
java-1.8.0-openjdk security and bug fix update
2021-10-20 12:38:15
fedora
fedora
[SECURITY] Fedora 33 Update: java-latest-openjdk-17.0.1.0.12-1.rolling.fc33
2021-10-31 01:01:59
[SECURITY] Fedora 35 Update: java-latest-openjdk-17.0.1.0.12-1.rolling.fc35
2021-10-31 01:09:50
[SECURITY] Fedora 34 Update: java-latest-openjdk-17.0.1.0.12-1.rolling.fc34
2021-10-31 01:15:50
almalinux
almalinux
Important: java-17-openjdk security update
2021-11-09 19:26:37
Important: java-11-openjdk security update
2021-10-20 12:41:00
Important: java-1.8.0-openjdk security and bug fix update
2021-10-20 12:38:15
debian
debian
[SECURITY] [DSA 5012-1] openjdk-17 security update
2021-11-23 21:30:57
[SECURITY] [DSA 5000-2] openjdk-11 security update
2021-12-22 19:03:51
[SECURITY] [DSA 5000-1] openjdk-11 security update
2021-11-01 19:44:34
oraclelinux
oraclelinux
java-17-openjdk security update
2021-11-18 00:00:00
java-11-openjdk security and bug fix update
2021-10-21 00:00:00
java-11-openjdk security update
2021-10-20 00:00:00
altlinux
altlinux
suse
suse
Security update for java-11-openjdk (important)
2021-11-17 00:00:00
Security update for java-11-openjdk (important)
2021-11-16 00:00:00
Security update for java-1_8_0-openjdk (important)
2021-11-24 00:00:00
centos
centos
java security update
2021-11-17 15:04:57
java security update
2021-11-17 15:06:26
rosalinux
rosalinux
Advisory ROSA-SA-2023-2134
2023-03-21 12:45:26
amazon
amazon
Important: java-1.8.0-openjdk
2022-01-18 20:14:00
Important: java-1.8.0-openjdk
2021-12-08 02:23:00
Important: java-11-amazon-corretto
2021-10-28 23:20:00
mageia
mageia
Updated java openjdk packages fix security vulnerability
2021-12-08 23:04:18
ubuntu
ubuntu
OpenJDK vulnerabilities
2021-12-17 00:00:00
kaspersky
kaspersky
KLA12331 Multiple vulnerabilities in Oracle Java SE
2021-09-28 00:00:00
redos
redos
ROS-20240424-01
2024-04-24 00:00:00
gentoo
gentoo
OpenJDK: Multiple Vulnerabilities
2022-09-07 00:00:00
IcedTea: Multiple Vulnerabilities
2024-09-28 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-3.0-0601
2023-06-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00
EPSS
0.002
Percentile
60.7%
Related for 11AD265069CB940844CA632E6655D7605F8B4FE142815F41FEA109BF0A29B96E