A security vulnerability exists in the IBM® SDK Java™ Technology Edition, Version 6 and 7 that is used by IBM WebSphere Application Server Community Edition 3.0.0.4.
This issue was disclosed as part of the IBM Java SDK updates in July 2014.
CVE ID:**CVE-2014-**4244
DESCRIPTION: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS:
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/94605> for the current score
CVSS Environmental Score:* Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
WebSphere Application Server Community Edition 3.0.0.4
If you use the IBM SDK for Java: upgrade your SDK to a level as noted below:
IBM SDK for Java 6.0:
Upgrade your SDK to IBM SDK, Java 2 Technology Edition, Version 6 Service Refresh 16 Fix Pack 1 or IBM SDK, Java 2 Technology Edition, Version 6R1 Service Refresh 8 Fix Pack 1
IBM SDK for Java 7.0:
Upgrade your SDK to IBM SDK, Java 2 Technology Edition, Version 7 Service Refresh 7 Fix Pack 1 or IBM SDK, Java 2 Technology Edition, Version 7R1 Service Refresh 1Fix Pack 1
If you use the Oracle SDK: upgrade your SDK to a level as noted below:
Oracle SDK 1.6:
Upgrade your SDK to Oracle SDK 1.6.0_81.
Oracle SDK 1.7:
Upgrade your SDK to Oracle SDK 1.7.0_65.