Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Business Service Manager (CVE-2021-2341)

Summary

IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin.

Vulnerability Details

CVEID:CVE-2021-2341
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Networking component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors.
CVSS Base score: 3.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/205768 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)

Affected Products and Versions

Remediation/Fixes

Affected Products and Versions

Remediation/Fixes

Security Bulletin: CVE-2021-2341 may affect IBM® SDK, Java™ Technology Edition

Upgrade to IBM® SDK, Java™ Technology Edition Version 8 Service Refresh 7 Fix Pack 35. Please refer to How to upgrade JREs shipped with Tivoli Business Service Manager on how to upgrade the Java runtime.

Workarounds and Mitigations

None