The IBM Runtime Environment Java Version 8 used by Transparent Cloud Tiering has a vulnerability which disclosed as part of the IBM Java SDK updates in April 2019. Transparent Cloud Tiering has addressed the applicable vulnerability.
CVEID: CVE-2019-2602 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159698> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Transparent Cloud Tiering 1.1.1.0 thru 1.1.3.9
Transparent Cloud Tiering 1.1.5.0 thru 1.1.7.0
For Transparent Cloud Tiering 1.1.1.0 thru 1.1.3.9 , apply Transparent Cloud Tiering 1.1.3.10 bundled with IBM Spectrum Scale V4.2.3.16 available from FixCentral at:
For Transparent Cloud Tiering 1.1.5.0 thru 1.1.7.0, apply Transparent Cloud Tiering 1.1.7.1 bundled with IBM Spectrum Scale V5.0.3.1 available from FixCentral at:
None