There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 7 and 8 that is used by IBM Control Center. The issue was disclosed as part of the IBM Java SDK update in April 2018.
CVEID: CVE-2018-2783 DESCRIPTION: An unspecified vulnerability related to the Java SE Security component could allow an unauthenticated attacker to cause high confidentiality impact, high integrity impact, and no availability impact.
CVSS Base Score: 7.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141939> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
IBM Control Center 5.4.2.1 through 5.4.2.2 iFix02
IBM Control Center 6.0.0.0 through 6.0.0.2 iFix03
IBM Control Center 6.1.0.0 through 6.1.0.2 iFix04
IBM Control Center 6.1.1.0 through 6.1.1.0 iFix03
Product
|
VRMF
|
iFix
|
Remediation / First Fix
—|—|—|—
IBM Control Center | 5.4.2.2 | iFix03 | Fix Central - 5.4.2.2
IBM Control Center | 6.0.0.2 | iFix04 | Fix Central - 6.0.0.2
IBM Control Center | 6.1.0.2 | iFix05 | Fix Central - 6.1.0.2
IBM Control Center | 6.1.1.0 | iFix04 | Fix Central - 6.1.1.0
None.