Lucene search

IBMD7F9F6844C0B2A7AD577E157F60824D8F5E539422CB268955C43FA58749778CA

HistoryDec 06, 2022 - 4:11 p.m.

Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Business Service Manager (CVE-2021-2163)

2022-12-0616:11:48

www.ibm.com

ibm tivoli business service manager

ibm® sdk

java™ technology edition

cve-2021-2163

security bulletin

upgrade

vulnerability

java se

ibmcloud

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.002

Percentile

60.9%

JSON

Summary

IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about a security vulnerability affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin.

Vulnerability Details

CVEID:CVE-2021-2163
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/200292 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Tivoli Business Service Manager	6.2.0

Remediation/Fixes

Principal Product and Version(s)	Affected Supporting Product and Version
IBM Tivoli Business Service Manager 6.2.0	IBM strongly recommends addressing the vulnerability now by upgrading the Java SDK.

Security Bulletin: CVE-2021-2163 may affect IBM® SDK, Java™ Technology Edition

Upgrade to IBM® SDK, Java™ Technology Edition Version 8 Service Refresh 7 FP15, please follow How to upgrade JREs shipped with Tivoli Business Service Manager to upgrade.