IBM Support

Security Bulletin: IBM InfoSphere Optim Performance Manager affected by vulnerability in IBM Java Runtime Environment (CVE-2013-4002)

Flashes (Alerts)


Abstract

Unspecified vulnerability in the IBM Java Runtime Environment (JRE) in IBM Java allows remote attackers to affect availability via unknown vectors.

Content


VULNERABILITY DETAILS:

CVE ID: CVE-2013-4002

CVSS:
CVSS Base Score: 7.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/85260
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)


AFFECTED PRODUCTS:

IBM Optim Performance Manager for DB2 on Linux, UNIX, and Windows version 4.1 through 4.1.1

IBM InfoSphere Optim Performance Manager for DB2 on Linux, UNIX, and Windows version 5.1 through 5.3

REMEDIATION:

FIX(ES):

You must replace the IBM JRE that is installed with IBM InfoSphere Optim Performance Manager for DB2 on Linux, UNIX, and Windows with the latest IBM JRE. Detailed instructions are provided in the technote Updating the IBM JRE for InfoSphere Optim Performance Manager.


WORKAROUND(S):
None known.

MITIGATION(S):
None known.

REFERENCES:

Complete CVSS Guide
On-line Calculator V2


RELATED INFORMATION:
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

ACKNOWLEDGEMENT:
None

CHANGE HISTORY:
<2013-08-28> Original version published

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.


Note: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

[{"Product":{"code":"SSBH2R","label":"InfoSphere Optim Performance Manager for Db2 for Linux, UNIX, and Windows"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Not Applicable","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"5.3;5.2;5.1.1.1;5.1.1;5.1;4.1.1;4.1.0.1;4.1","Edition":"Content Manager Edition;Enterprise Edition;Extended Edition;Extended Insight;Workgroup Edition","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
25 September 2022

UID

swg21648197

Page Feedback