Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM2507FE173BAEFD10F8FBEB67CBCEC54BE25EE56DF126A0CD8EE3A3486316795D
HistoryJun 15, 2018 - 7:00 a.m.

Security Bulletin: IBM WebSphere MQ is affected by a vulnerability in the IBM JRE (CVE-2013-5780)

2018-06-1507:00:09
www.ibm.com
13

0.009 Low

EPSS

Percentile

83.0%

JSON

Summary

A security vulnerability exists in the IBM Java Runtime Environment component of WebSphere MQ, a patch for this is available in IBM JRE 6.0 (SR15 FP1).

Vulnerability Details

CVEID: CVE-2013-5780 DESCRIPTION: An unspecified vulnerability in IBM Java related to the Libraries component could allow a remote attacker to obtain sensitive information.

CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/88001 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV/N:AC/M:Au/N:C/P:I/N:A/N)

Affected Products and Versions

IBM JRE 6 (maintenance levels older than SR15) provided by;

  • WebSphere MQ 7.1 on all platforms (except IBM i and z/OS)
  • WebSphere MQ 7.5 on all platforms (except IBM i and z/OS)

Remediation/Fixes

WebSphere MQ 7.1

Apply fix pack 7.1.0.5 when available. In the interim apply APAR IC99261

WebSphere MQ 7.5
Apply fix pack 7.5.0.3 or later

Workarounds and Mitigations

None known

Related

ibm 21
cvelist 1
nvd 1
f5 2
cve 1
prion 1
veracode 17
ubuntucve 1
nessus 44
openvas 29
suse 5
redhat 9
mageia 2
oraclelinux 3
centos 3
amazon 2
ubuntu 2
aix 1
kaspersky 1
securityvulns 1
oracle 1
gentoo 2
ibm
ibm
Security Bulletin: InfoSphere Replication Dashboard is affected by a vulnerability in the IBM JRE (CVE-2013-5780)
2022-09-25 23:09:27
Security Bulletin: Vulnerability in IBM Rational RequisitePro could allow a remote attacker to obtain sensitive information. (CVE-2013-5780)
2018-06-17 04:52:32
Security Bulletin: DB2 Recovery Expert for Linux, UNIX and Windows is affected by a vulnerability in IBM Java (CVE-2013-5780)
2022-09-25 21:06:56
cvelist
cvelist
CVE-2013-5780
2013-10-16 15:00:00
nvd
nvd
CVE-2013-5780
2013-10-16 15:55:34
f5
f5
SOL68942513 - Java vulnerability CVE-2013-5780
2016-05-25 00:00:00
K68942513 : Java vulnerability CVE-2013-5780
2016-05-25 00:00:00
cve
cve
CVE-2013-5780
2013-10-16 15:55:34
prion
prion
Design/Logic Flaw
2013-10-16 15:55:00
veracode
veracode
Information Disclosure
2019-05-02 04:54:22
Sandbox Restrictions Bypass
2019-05-02 04:58:36
Sandbox Restrictions Bypass
2019-05-02 04:58:36
ubuntucve
ubuntucve
CVE-2013-5780
2013-10-16 00:00:00
nessus
nessus
IBM WebSphere MQ 7.1 < 7.1.0.5 / 7.5 < 7.5.0.3 Multiple Vulnerabilities
2014-05-19 00:00:00
IBM WebSphere Application Server 8.0 < Fix Pack 8 Multiple Vulnerabilities
2014-01-20 00:00:00
IBM WebSphere Application Server 7.0 < Fix Pack 31 Multiple Vulnerabilities
2014-01-20 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1669-1)
2021-06-09 00:00:00
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 (Oct 2013) - Windows
2013-10-25 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-246)
2015-09-08 00:00:00
suse
suse
Security update for IBM Java 5 (important)
2013-11-14 16:04:15
Security update for OpenJDK 7 (important)
2013-11-13 15:04:17
Security update for IBM Java 7 (important)
2013-11-22 08:04:19
redhat
redhat
(RHSA-2013:1509) Important: java-1.5.0-ibm security update
2013-11-07 00:00:00
(RHSA-2013:1505) Important: java-1.6.0-openjdk security update
2013-11-05 00:00:00
(RHSA-2013:1447) Important: java-1.7.0-openjdk security update
2013-10-21 00:00:00
mageia
mageia
Updated java-1.6.0-openjdk package fixes multiple vulnerabilities
2013-11-13 23:05:43
Updated java-1.7.0-openjdk package fixes security vulnerabilities
2013-11-13 23:03:04
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2013-11-05 00:00:00
java-1.7.0-openjdk security update
2013-10-21 00:00:00
java-1.7.0-openjdk security update
2013-10-22 00:00:00
centos
centos
java security update
2013-11-05 20:45:16
java security update
2013-10-23 11:04:05
java security update
2013-10-22 07:41:01
amazon
amazon
Important: java-1.6.0-openjdk
2013-11-05 13:35:00
Critical: java-1.7.0-openjdk
2013-10-23 15:22:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2013-11-21 00:00:00
OpenJDK 7 vulnerabilities
2014-01-23 00:00:00
aix
aix
Multiple Java vulnerabilities
2013-12-11 10:53:34
kaspersky
kaspersky
KLA10492 Multiple vulnerabilities in Oracle products
2013-10-16 00:00:00
securityvulns
securityvulns
Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities
2013-12-09 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2013
2013-10-15 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00

0.009 Low

EPSS

Percentile

83.0%

JSON
Related for 2507FE173BAEFD10F8FBEB67CBCEC54BE25EE56DF126A0CD8EE3A3486316795D
ibm21cvelist1nvd1f52cve1prion1veracode17ubuntucve1nessus44openvas29suse5redhat9mageia2oraclelinux3centos3amazon2ubuntu2aix1kaspersky1securityvulns1oracle1gentoo2