IBM2BEB31EAC54470990EEE9B82C09A1018390C42E0CD49B6AF40A517767DFC75AFSecurity Bulletin: Vulnerability in IBM Java Runtime affects IBM Spectrum Protect Snapshot for VMware (CVE-2019-2989)
EPSS
Percentile
75.5%
Summary
Vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in October 2019. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware.
Updated 18 March 2020: Added link to 4.1.6.9 fix
Vulnerability Details
CVEID:CVE-2019-2989
**DESCRIPTION:**An unspecified vulnerability in Java SE could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/169295 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Spectrum Protect Snapshot for VMware | 4.1.0.0-4.1.6.8 |
Remediation/Fixes
Spectrum Protect Snapshot for VMware Release |First Fixing
VRM Level|Platform|Link to Fix
—|—|—|—
4.1 | 4.1.6.9 | Linux | https://www.ibm.com/support/pages/node/5694321
Workarounds and Mitigations
None
Related
EPSS
Percentile
75.5%