There is a vulnerability in IBM® Runtime Environment Java™ Version 7 that affects the WebSphere DataPower XC10 Appliance. This issue was disclosed as part of the IBM SDK, Java™ Technology Edition updates in April 2018.
CVEID: CVE-2018-2783 DESCRIPTION: An unspecified vulnerability related to the Java SE Security component could allow an unauthenticated attacker to cause high confidentiality impact, high integrity impact, and no availability impact.
CVSS Base Score: 7.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141939> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
WebSphere DataPower XC10 Appliance Version 2.5
Product | VRMF | APAR | Remediation/First Fix |
---|---|---|---|
WebSphere DataPower XC10 Appliance V2.5 on appliance 7199-92X | Version 2.5 with SSD drivers | ||
Important: See More Information link and follow instructions to determine if you have an old or newer SSD driver on your appliance using the show ssd-version command. |
IT25655 | Refer to theVersion 2.5 table in Recommended fixes for WebSphere DataPower XC10 Appliance. | |
WebSphere DataPower XC10 Appliance V2.5 virtual image | 2.5 | IT25655 | Refer to the Version 2.5 table in Recommended fixes for WebSphere DataPower XC10 Appliance. |
None