Vulnerability Name:

CVE-2021-41035 (CCN-212010)

Assigned:2021-10-20
Published:2021-10-20
Updated:2021-10-28
Summary:In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods.
CVSS v3 Severity:9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.7 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)
6.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
5.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.0 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
CWE-732
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2021-41035

Source: CCN
Type: Bugzilla - Bug 576395
OpenJ9 must throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods

Source: CONFIRM
Type: Vendor Advisory
https://bugs.eclipse.org/bugs/show_bug.cgi?id=576395

Source: XF
Type: UNKNOWN
eclipse-cve202141035-priv-esc(212010)

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/eclipse-openj9/openj9/pull/13740

Source: CONFIRM
Type: Vendor Advisory
https://gitlab.eclipse.org/eclipsefdn/emo-team/emo/-/issues/104

Source: CCN
Type: Eclipse Web site
Eclipse Openj9

Source: CCN
Type: IBM Security Bulletin 6522860 (Java)
Multiple vulnerabilities may affect IBM SDK, Java Technology Edition

Source: CCN
Type: IBM Security Bulletin 6522862 (Semeru Runtimes)
Multiple vulnerabilities may affect IBM Semeru Runtime

Source: CCN
Type: IBM Security Bulletin 6523752 (Event Streams)
IBM Event Streams affected by multiple vulnerabilities in the Java runtime

Source: CCN
Type: IBM Security Bulletin 6524676 (Tivoli Business Service Manager)
Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager

Source: CCN
Type: IBM Security Bulletin 6525758 (Business Automation Workflow)
Multiple vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Digital Business Automation Workflow family products Java CPU October 2021

Source: CCN
Type: IBM Security Bulletin 6526068 (Rational Asset Analyzer)
Vulnerabilities in IBM Java affecting IBM Rational Asset Analyzer.

Source: CCN
Type: IBM Security Bulletin 6528018 (SPSS Statistics)
Mutliple Vulnerabilities in Java Runtime affects IBM SPSS Statistics

Source: CCN
Type: IBM Security Bulletin 6529490 (WebSphere Application Server Patterns)
Multiple vulnerabilities in IBM Java SDK affects WebSphere Application Server October 2021 CPU that is bundled with IBM WebSphere Application Server Patterns

Source: CCN
Type: IBM Security Bulletin 6536922 (SPSS Statistics Subscription)
Multiple Vulnerabilities in Java Runtime affects IBM SPSS Statistics Subscription

Source: CCN
Type: IBM Security Bulletin 6538366 (Rational Functional Tester)
Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Source: CCN
Type: IBM Security Bulletin 6539506 (Cloud Transformation Advisor)
Multiple Security Vulnerabilities Affect IBM Cloud Transformation Advisor

Source: CCN
Type: IBM Security Bulletin 6540570 (MQ)
IBM MQ is vulnerable to multiple issues in IBM Runtime Environment Java Technology Edition, Version 8 and Version 7 (CVE-2021-35578, CVE-2021-35588, CVE-2021-41035)

Source: CCN
Type: IBM Security Bulletin 6540600 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6540918 (DataQuant for z/OS)
IBM SDK Java 8.0.7.0 Update for IBM DataQuant

Source: CCN
Type: IBM Security Bulletin 6541318 (Rational Build Forge)
IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE-2021-35556, CVE-2021-35565, CVE-2021-35588, CVE-2021-41035)

Source: CCN
Type: IBM Security Bulletin 6549910 (i)
Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i

Source: CCN
Type: IBM Security Bulletin 6550514 (Liberty for Java)
Multiple vulnerabilities in IBM Java SDK affect Liberty for Java for IBM Cloud October 2021 CPU

Source: CCN
Type: IBM Security Bulletin 6554578 (Security Directory Server Virtual Appliance)
Multiple security vulnerabilities have been identified in IBM Java SDK that affect IBM Security Directory Suite - October 2021 CPU

Source: CCN
Type: IBM Security Bulletin 6555112 (CICS TX on Cloud)
A vulnerability in IBM Java Runtime affects IBM CICS TX on Cloud

Source: CCN
Type: IBM Security Bulletin 6555376 (Cognos Command Center)
IBM Cognos Command Center is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6556970 (Watson Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Java

Source: CCN
Type: IBM Security Bulletin 6557216 (Tivoli Application Dependency Discovery Manager)
Due to use of IBM SDK, Java Technology Edition, IBM Tivoli Application Dependency Discovery Manager (TADDM) is vulnerable to denial of service

Source: CCN
Type: IBM Security Bulletin 6558182 (Tivoli Composite Application Manager for Transactions)
IBM SDK, Java Technology Edition Quarterly CPU - Oct 2021 - Includes Oracle October 2021 CPU (minus CVE-2021-35550/35561/35603) plus CVE-2021-41035 affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Source: CCN
Type: IBM Security Bulletin 6558494 (Cloud Application Business Insights)
Vulnerabilities in Java impact IBM Cloud Application Business Insights (CVE-2021-35550, CVE-2021-35561, CVE-2021-35603, and CVE-2021-41035)

Source: CCN
Type: IBM Security Bulletin 6558514 (Content Collector for File Systems)
Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Source: CCN
Type: IBM Security Bulletin 6558516 (Content Collector for Microsoft SharePoint)
Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Source: CCN
Type: IBM Security Bulletin 6558520 (Content Collector for IBM Connections)
Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Source: CCN
Type: IBM Security Bulletin 6558524 (Content Collector for Email)
Multiple vulnerabilities in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Source: CCN
Type: IBM Security Bulletin 6558542 (CICS Transaction Gateway)
February 2022 :Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Source: CCN
Type: IBM Security Bulletin 6558550 (TXSeries for Multiplatforms)
A vulnerability in IBM Java Runtime affects TXSeries for Multiplatforms

Source: CCN
Type: IBM Security Bulletin 6558908 (AIX)
Multiple vulnerabilities in IBM Java SDK affect AIX

Source: CCN
Type: IBM Security Bulletin 6559324 (Watson Speech Services Cartridge for Cloud Pak for Data)
Vulnerabilities in Java SE affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data

Source: CCN
Type: IBM Security Bulletin 6560416 (Connect:Direct Web Services)
Multiple Vulnerabilities in IBM Java Runtime Affect IBM Connect:Direct Web Services

Source: CCN
Type: IBM Security Bulletin 6561041 (Sterling Connect:Direct Browser User Interface)
Multiple Vulnerabilities in Sterling Connect:Direct Browser User Interface

Source: CCN
Type: IBM Security Bulletin 6561229 (Cloud Pak for Automation)
Multiple security vulnerability are addressed in monthly security fix for IBM Cloud Pak for Business Automation February 2022

Source: CCN
Type: IBM Security Bulletin 6561577 (DB2 Recovery Expert for LUW)
Some unspecified vulnerabilities in Java SE result in the unauthenticated attacker to take control of the system or some impact

Source: CCN
Type: IBM Security Bulletin 6563573 (Security Guardium)
IBM Security Guardium is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6565729 (License Metric Tool)
A vulnerability in Java affects IBM License Metric Tool v9 (CVE-2021-35578).

Source: CCN
Type: IBM Security Bulletin 6566227 (Rational Application Developer)
IBM SDK, Java Technology Edition, Security Update October 2021

Source: CCN
Type: IBM Security Bulletin 6566881 (Cloud Pak System)
Multiple Vulnerabilities in IBM Java SDK affect Cloud Pak System

Source: CCN
Type: IBM Security Bulletin 6567133 (Rational Software Architect Designer)
IBM SDK, Java Technology Edition Quarterly CPU - Oct 2021and Jan 2022

Source: CCN
Type: IBM Security Bulletin 6568225 (Tivoli Netcool/Impact)
A vulnerability in IBM Java SDK affects IBM Tivoli Netcool Impact (CVE-2021-35560, CVE-2021-35578, CVE-2021-35564, CVE-2021-35565, CVE-2021-35588, CVE-2021-41035)

Source: CCN
Type: IBM Security Bulletin 6568741 (Integration Bus)
Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterprise

Source: CCN
Type: IBM Security Bulletin 6574513 (Cloud Private)
Security Vulnerabilities affect IBM Cloud Private - Java (Multiple CVEs)

Source: CCN
Type: IBM Security Bulletin 6574787 (QRadar SIEM)
IBM QRadar SIEM is vulnerable to using components with Known Vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6575093 (Tivoli Monitoring)
Vulnerabilities in IBM Java included with IBM Tivoli Monitoring

Source: CCN
Type: IBM Security Bulletin 6591155 (Security SOAR)
IBM Security SOAR is using a component with multiple known vulnerabilities - IBM JDK 8.0.7.0

Source: CCN
Type: IBM Security Bulletin 6597615 (Watson Knowledge Catalog on-prem)
Multiple Vulnerabilities in Java affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

Source: CCN
Type: IBM Security Bulletin 6602023 (Tivoli Netcool/OMNIbus)
Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Source: CCN
Type: IBM Security Bulletin 6607167 (Workload Scheduler)
Vulnerabilities in IBM SDK Java Technology Edition, Version 8, that is used by IBM Workload Scheduler.

Source: CCN
Type: IBM Security Bulletin 6616545 (Netcool Operations Insight)
Netcool Operations Insight v1.6.5 contains fixes for multiple security vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 6618733 (Intelligent Operations Center)
Multiple vulnerabilities have been identified in Oracle October 2021 CPU for Java 8 shipped with IBM Intelligent Operations Center (CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE)

Source: CCN
Type: IBM Security Bulletin 6837345 (PureData System for Operational Analytics)
IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics

Source: CCN
Type: IBM Security Bulletin 6841803 (Cognos Controller)
IBM Cognos Controller has addressed multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6987741 (Spectrum Scale)
IBM Spectrum Scale Transparent Cloud Tiering is affected by multiple vulnerabilities in IBM Runtime Environment Java

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-41035

Vulnerable Configuration:Configuration 1:
  • cpe:/a:eclipse:openj9:*:*:*:*:*:*:*:* (Version < 0.29.0)

    • Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::supplementary:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:eclipse:openj9:0.28.0:milestone1:*:*:*:*:*:*
  • AND
  • cpe:/o:ibm:aix:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:business_process_manager:8.5:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_netcool/impact:7.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_netcool/omnibus:8.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:txseries:8.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:license_metric_tool:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server_patterns:1.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mq:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_functional_tester:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:business_process_manager:8.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_functional_tester:9.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_asset_analyzer:6.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server_patterns:1.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server_patterns:2.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_software_architect_designer:9.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:app_connect:11.0.0.0:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:integration_bus:10.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_functional_tester:9.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:intelligent_operations_center:5.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:intelligent_operations_center:5.1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:intelligent_operations_center:5.1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:intelligent_operations_center:5.1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:intelligent_operations_center:5.1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.4.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:java:7.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:java:7.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:java:8.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_system:2.3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_discovery:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_recovery_expert:5.5:if1:*:*:linux:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:19.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.3:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:content_collector:4.0.0:*:*:*:email:*:*:*
  • OR cpe:/a:ibm:content_collector:4.0.1:*:*:*:email:*:*:*
  • OR cpe:/a:ibm:txseries:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:dataquant:2.1:*:*:*:z/os:*:*:*
  • OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_system:2.3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.2.1:cd:*:*:*:*:*:*
  • OR cpe:/a:ibm:data_risk_manager:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:2019.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:20.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:18.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:19.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:20.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_asset_analyzer:6.1.0.23:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:data_risk_manager:2.0.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:data_risk_manager:2.0.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:intelligent_operations_center:5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:intelligent_operations_center:5.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2_recovery_expert:5.5.0.1:*:*:*:linux:*:*:*
  • OR cpe:/a:ibm:event_streams:2019.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.2.2:cd:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_composite_application_manager:7.4.0:*:*:*:transactions:*:*:*
  • OR cpe:/a:ibm:cics_transaction_gateway:8.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_transaction_gateway:8.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_transaction_gateway:8.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_transaction_gateway:8.1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_transaction_gateway:9.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_transaction_gateway:9.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_transaction_gateway:9.1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_transaction_gateway:9.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_transaction_gateway:9.2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:content_collector:4.0.1:*:*:*:ibm_connections:*:*:*
  • OR cpe:/a:ibm:cloud_pak_system:2.3.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:20.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_transaction_gateway:9.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_system:2.3.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_system:2.3.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_system:2.3.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:2019.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:10.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_application_business_insights:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:20.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.6:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:watson_discovery:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_system:2.3.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:10.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:21.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:app_connect_enterprise:12.0.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:21.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:10.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:10.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.4:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:data_risk_manager:2.0.6.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:19.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:19.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:18.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:18.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:19.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:19.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:20.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:20.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.3:-:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:8079
    P
    		java-1_8_0-ibm-1.8.0_sr8.0-150000.3.71.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:3437
    P
    		audiofile-0.3.6-11.3.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:95067
    P
    		java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1 on GA media (Moderate)
    2022-06-22
    oval:com.redhat.rhsa:def:20220345
    P
    		RHSA-2022:0345: java-1.8.0-ibm security update (Important)
    2022-02-01
    oval:org.opensuse.security:def:125707
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2022-01-24
    oval:org.opensuse.security:def:127270
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2022-01-24
    oval:org.opensuse.security:def:5236
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2022-01-24
    oval:org.opensuse.security:def:126873
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2022-01-24
    oval:org.opensuse.security:def:6035
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2022-01-24
    oval:org.opensuse.security:def:5208
    P
    		Security update for java-1_8_0-ibm (Important)
    2022-01-18
    oval:org.opensuse.security:def:119357
    P
    		Security update for java-1_8_0-ibm (Important)
    2022-01-18
    oval:org.opensuse.security:def:1230
    P
    		Security update for java-1_8_0-ibm (Important)
    2022-01-18
    oval:org.opensuse.security:def:126849
    P
    		Security update for java-1_8_0-ibm (Important)
    2022-01-18
    oval:org.opensuse.security:def:119542
    P
    		Security update for java-1_8_0-ibm (Important)
    2022-01-18
    oval:org.opensuse.security:def:5997
    P
    		Security update for java-1_8_0-ibm (Important)
    2022-01-18
    oval:org.opensuse.security:def:125683
    P
    		Security update for java-1_8_0-ibm (Important)
    2022-01-18
    oval:org.opensuse.security:def:127246
    P
    		Security update for java-1_8_0-ibm (Important)
    2022-01-18
    oval:org.opensuse.security:def:101890
    P
    		Security update for java-1_8_0-ibm (Important)
    2022-01-18
    oval:org.opensuse.security:def:31370
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:57194
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:86214
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:26218
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:55315
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:83375
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:40312
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:76444
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:92674
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:111857
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:6490
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:69616
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:102926
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:33108
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:58932
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:88595
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:30168
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:56110
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:84755
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:24046
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:51763
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:82699
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:109592
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:10425
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:70578
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:34670
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:60494
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:99425
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:31371
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:57573
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:86215
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:29492
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:55316
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:83494
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:41395
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:44742
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:92873
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:106115
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:9476
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:69815
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:102930
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:33109
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:59872
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:88596
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:30287
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:56111
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:85834
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:24047
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:52034
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:82700
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:109596
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:10438
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:70582
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:34671
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:67376
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:99624
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:31750
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:57574
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:87572
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:29493
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:55990
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:83495
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:23774
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:45825
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:96246
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:106314
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:9675
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:70014
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:34049
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:59873
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:89527
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:30288
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:57193
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:85835
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:26217
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:52035
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:83374
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:38173
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:10442
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:92475
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:6287
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:67579
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:99823
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:31751
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:58931
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:87573
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:30167
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:55991
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:84754
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:23775
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:51762
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:96256
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:106513
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:9874
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:70565
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:34050
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:60493
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:89528
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    BACK
    eclipse openj9 *
    eclipse openj9 0.28.0 milestone1
    ibm aix 7.1
    ibm rational build forge 8.0
    ibm tivoli monitoring 6.3.0
    ibm business process manager 8.5
    ibm i 7.1
    ibm i 7.2
    ibm tivoli netcool/impact 7.1.0
    ibm tivoli netcool/omnibus 8.1.0
    ibm txseries 8.2
    ibm license metric tool 9.2
    ibm i 7.3
    ibm websphere application server patterns 1.0.0.0
    ibm aix 7.2
    ibm mq 8.0
    ibm rational functional tester 9.1
    ibm business process manager 8.6
    ibm rational functional tester 9.2
    ibm security guardium 10.5
    ibm rational asset analyzer 6.1.0.0
    ibm websphere application server patterns 1.0.0.7
    ibm websphere application server patterns 2.2.0.0
    ibm tivoli monitoring 6.3.0.7
    ibm rational software architect designer 9.6
    ibm app connect 11.0.0.0
    ibm integration bus 10.0.0.0
    ibm security guardium 10.6
    ibm cognos command center 10.2.4.1
    ibm rational functional tester 9.5
    ibm intelligent operations center 5.1.0
    ibm intelligent operations center 5.1.0.2
    ibm intelligent operations center 5.1.0.3
    ibm intelligent operations center 5.1.0.4
    ibm intelligent operations center 5.1.0.6
    ibm cognos controller 10.4.0
    ibm i 7.4
    ibm java 7.0.0.0
    ibm java 7.1.0.0
    ibm java 8.0.0.0
    ibm cognos controller 10.4.1
    ibm vios 3.1
    ibm cloud pak system 2.3.0.1
    ibm watson discovery 2.0.0
    ibm db2 recovery expert 5.5 if1
    ibm cloud pak for automation 19.0.3
    ibm qradar security information and event manager 7.3.3
    ibm content collector 4.0.0
    ibm content collector 4.0.1
    ibm txseries 9.1
    ibm dataquant 2.1
    ibm tivoli application dependency discovery manager 7.3.0.0
    ibm security guardium 11.0
    ibm cloud pak system 2.3.1.1
    ibm security guardium 11.1
    ibm cloud private 3.2.1 cd
    ibm data risk manager 2.0.6
    ibm event streams 2019.4.1
    ibm cloud pak for automation 20.0.1
    ibm business automation workflow 18.0
    ibm business automation workflow 19.0
    ibm business automation workflow 20.0
    ibm rational asset analyzer 6.1.0.23
    ibm data risk manager 2.0.6.1
    ibm data risk manager 2.0.6.2
    ibm intelligent operations center 5.2
    ibm intelligent operations center 5.2.1
    ibm db2 recovery expert 5.5.0.1
    ibm event streams 2019.4.2
    ibm event streams 10.0.0
    ibm cloud private 3.2.2 cd
    ibm tivoli composite application manager 7.4.0
    ibm cics transaction gateway 8.0.0.0
    ibm cics transaction gateway 8.0.0.6
    ibm cics transaction gateway 8.1.0.0
    ibm cics transaction gateway 8.1.0.5
    ibm cics transaction gateway 9.0.0.0
    ibm cics transaction gateway 9.1.0.0
    ibm cics transaction gateway 9.1.0.3
    ibm cics transaction gateway 9.2.0.0
    ibm cics transaction gateway 9.2.0.2
    ibm content collector 4.0.1
    ibm cloud pak system 2.3.2.0
    ibm cloud pak for automation 20.0.2
    ibm security guardium 11.2
    ibm cics transaction gateway 9.0.0.5
    ibm cognos controller 10.4.2
    ibm cloud pak system 2.3.3.0
    ibm cloud pak system 2.3.3.1
    ibm cloud pak system 2.3.3.2
    ibm event streams 2019.4.3
    ibm event streams 10.1.0
    ibm cloud application business insights 1.1.5
    ibm cloud pak for automation 20.0.3
    ibm rational application developer 9.6
    ibm watson discovery 2.2.1
    ibm cloud pak system 2.3.3.3
    ibm security guardium 11.3
    ibm event streams 10.2.0
    ibm cloud pak for automation 21.0.1
    ibm app connect enterprise 12.0.1.0
    ibm cloud pak for automation 21.0.2 -
    ibm qradar security information and event manager 7.4.3 -
    ibm event streams 10.3.0
    ibm event streams 10.3.1
    ibm security guardium 11.4
    ibm aix 7.3
    ibm data risk manager 2.0.6.4
    ibm cloud pak for automation 19.0.1
    ibm qradar security information and event manager 7.5.0 -
    ibm cloud pak for automation 19.0.2
    ibm cloud pak for business automation 18.0.0
    ibm cloud pak for business automation 18.0.2
    ibm cloud pak for business automation 19.0.1
    ibm cloud pak for business automation 19.0.3
    ibm cloud pak for business automation 20.0.1
    ibm cloud pak for business automation 20.0.3
    ibm cloud pak for business automation 21.0.1 -
    ibm cloud pak for business automation 21.0.2 -
    ibm cloud pak for business automation 21.0.3 -