Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM15402E039A2197BE6A37D7BE1E990FC5A1FC3846DADA1CA0C85EE1E823C9AB15
HistoryFeb 03, 2020 - 1:35 p.m.

Security Bulletin: Vulnerability in IBM Java Runtime affect IBM Host On-Demand

2020-02-0313:35:58
www.ibm.com
14

0.008 Low

EPSS

Percentile

82.0%

JSON

Summary

There is a Vulnerability in IBM® Runtime Environment Java™ , Version 8 used by IBM Host On-Demand These issues were disclosed as part of the IBM Java SDK updates in October 2017.

Vulnerability Details

CVEID: CVE-2017-10309**
DESCRIPTION:** An unspecified vulnerability related to the Java SE Deployment component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/133738 for the current score
CVSS Environmental Score*: Undefined

Affected Products and Versions

IBM Host On-Demand 12.0.0 - 12.0.3
IBM Host On-Demand 13.0

Remediation/Fixes

Upgrade to JRE 8.0 SR5 FP5 on client machine.

https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ERational&product=ibm/Rational/IBM+Host+On-Demand&release=8.5.0&platform=All&function=all

Workarounds and Mitigations

None

Related

debiancve 1
cve 1
prion 1
openvas 3
checkpoint_advisories 1
veracode 1
ubuntucve 1
nvd 1
redhatcve 1
cvelist 1
srcincite 1
zdt 1
exploitpack 1
packetstorm 1
exploitdb 1
ibm 17
nessus 12
aix 1
redhat 4
gentoo 1
suse 1
kaspersky 1
photon 1
oracle 1
debiancve
debiancve
CVE-2017-10309
2017-10-19 17:29:02
cve
cve
CVE-2017-10309
2017-10-19 17:29:02
prion
prion
Design/Logic Flaw
2017-10-19 17:29:00
openvas
openvas
Oracle Java SE Security Updates (oct2017-3236626) 01 - Linux
2017-10-18 00:00:00
Oracle Java SE Security Updates (oct2017-3236626) 01 - Windows
2017-10-18 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:3411-1)
2021-04-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Java SE XML External Entity Injection Information Disclosure (CVE-2017-10309)
2019-05-19 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 06:37:52
ubuntucve
ubuntucve
CVE-2017-10309
2017-10-19 00:00:00
nvd
nvd
CVE-2017-10309
2017-10-19 17:29:02
redhatcve
redhatcve
CVE-2017-10309
2017-10-17 21:21:30
cvelist
cvelist
CVE-2017-10309
2017-10-19 17:00:00
srcincite
srcincite
SRC-2017-0028 : Oracle Java SE Web Start jnlp XML External Entity Processing Information Disclosure Vulnerability
2017-06-07 00:00:00
zdt
zdt
Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure Exploit
2017-10-31 00:00:00
exploitpack
exploitpack
Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure
2017-10-30 00:00:00
packetstorm
packetstorm
Oracle Java SE Wv8u131 Information Disclosure
2017-11-02 00:00:00
exploitdb
exploitdb
Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure
2017-10-30 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects Rational Functional Tester (CVE-2017-10388, CVE-2017-10356)
2018-09-29 20:06:32
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation
2019-05-23 05:10:01
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Fabric Manager
2019-01-24 11:40:01
nessus
nessus
Photon OS 1.0: Openjre PHSA-2017-0040
2019-02-07 00:00:00
Photon OS 1.0: Openjdk PHSA-2017-0040
2019-02-07 00:00:00
Photon OS 1.0: Bash / Glibc / Libgcrypt / Libtar / Openjdk / Openjre / Strongswan / Unzip PHSA-2017-0040 (deprecated)
2018-08-17 00:00:00
aix
aix
There are multiple vulnerabilities in IBM SDK Java Technology Edition
2017-12-07 12:20:05
redhat
redhat
(RHSA-2017:3264) Critical: java-1.8.0-ibm security update
2017-11-27 17:52:25
(RHSA-2017:3267) Critical: java-1.8.0-ibm security update
2017-11-28 20:27:53
(RHSA-2017:2999) Critical: java-1.8.0-oracle security update
2017-10-23 07:33:24
gentoo
gentoo
Oracle JDK/JRE: Multiple vulnerabilities
2017-10-29 00:00:00
suse
suse
Security update for java-1_8_0-ibm (important)
2017-12-22 15:07:42
kaspersky
kaspersky
KLA11122 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
2017-10-17 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2017-0080
2017-10-24 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00

0.008 Low

EPSS

Percentile

82.0%

JSON
Related for 15402E039A2197BE6A37D7BE1E990FC5A1FC3846DADA1CA0C85EE1E823C9AB15
debiancve1cve1prion1openvas3checkpoint_advisories1veracode1ubuntucve1nvd1redhatcve1cvelist1srcincite1zdt1exploitpack1packetstorm1exploitdb1ibm17nessus12aix1redhat4gentoo1suse1kaspersky1photon1oracle1