Multiple security vulnerabilities exist in the IBM SDK, Java™ Technology Edition, which is shipped with IBM SmartCloud Orchestrator.
CVEID: CVE-2014-4263**
DESCRIPTION:** An unspecified vulnerability in Oracle Java SE and JRockit that is related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/94606> for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
CVEID: CVE-2014-4244**
DESCRIPTION:** An unspecified vulnerability in Oracle Java SE and JRockit that is related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/94605> for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
IBM SmartCloud Orchestrator V2.2, V2.2 Fix Pack 1, and IBM SmartCloud Orchestrator V2.3, V2.3.0 Fix Pack 1 up to Interim Fix 5
The recommended solution is to apply the fix as soon as practical. Upgrade to IBM SmartCloud Orchestrator 2.3.0 Fix Pack 1, Interim Fix 6.
None