IBM Support

Security Bulletin: IBM Tivoli System Automation for Integrated Operations Management 2.1.1 Vulnerability: Multiple security vulnerabilities in IBM JREs 6.0 and 7.0

Flashes (Alerts)


Abstract

Multiple security vulnerabilities exist in the IBM Java Runtime Environment component of IBM Tivoli System Automation for Integrated Operations Management which may affect the product.

Content

VULNERABILITY DETAILS:


DESCRIPTION:
There are multiple security vulnerabilities in the IBM Java Runtime Environment component, and all are applicable to IBM JRE 6.0 and 7.0.

CVEIDs (for both IBM JRE 6.0 and 7.0): CVE-2012-1541, CVE-2012-3174, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0422, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0449, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1484, CVE-2013-1485, CVE-2013-1486, CVE-2013-1487, CVE-2013-1493, CVE-2013-0169, CVE-2013-0401, CVE-2013-1488, CVE-2013-1491, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1563, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2436, CVE-2013-2438, CVE-2013-2440

CVEID: CVE-2012-1541
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81761
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2012-3174
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81200
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2012-3213
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81769
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2012-3342
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/78334
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0351
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81786
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVEID: CVE-2013-0409
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81793
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-0419
CVSS Base Score: 7.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81783
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0422
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81117
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0423
CVSS Base Score: 7.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81784
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0424
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81798
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-0425
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81766
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0426
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81767
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0427
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81795
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-0428
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81768
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0431
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81794
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-0432
CVSS Base Score: 6.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81788
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVEID: CVE-2013-0433
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81797
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-0434
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81792
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-0435
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81791
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-0437
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81753
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0438
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81800
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-0440
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81799
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2013-0442
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81755
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0443
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81801
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)

CVEID: CVE-2013-0444
CVSS Base Score: 7.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81781
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0445
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81756
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0446
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81762
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0449
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81789
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-0450
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81764
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0809
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/82515
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1473
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81790
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-1475
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81759
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1476
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81760
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1478
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81754
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1480
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81757
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1481
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81770
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1484
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/82179
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1485
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/82180
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-1486
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/82178
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1487
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/82177
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1493
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/82514
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2432
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83559
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1558
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83561
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2440
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83562
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2435
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83563
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2431
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83564
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2425
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83565
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1518
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83566
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2422
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83570
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1537
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83571
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1557
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83572
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1491
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/82820
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1488
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/82821
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0401
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/82823
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2383
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83555
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2384
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83556
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1569
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83557
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2434
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83558
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2420
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83560
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2421
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83573
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2426
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83574
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2436
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83575
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2394
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83576
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2419
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83581
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2423
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83591
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2430
CVSS Base Score: 7.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83577
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2429
CVSS Base Score: 7.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83578
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1563
CVSS Base Score: 7.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83579
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2424
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83582
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2438
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83585
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-2417
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83586
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2013-2418
CVSS Base Score: 4.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83587
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVEID: CVE-2013-2416
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83588
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-2433
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83589
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-1540
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83590
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-2415
CVSS Base Score: 2.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83592
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-0169
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/81902
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

* The CVSS Environmental Score is specific to the customer environment and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the “References:” information section of this Flash.



AFFECTED PRODUCTS AND VERSIONS:
IBM Tivoli System Automation for Integrated Operations Management 2.1


REMEDIATION:
A product upgrade to the latest IBM Tivoli System Automation for Integrated Operations Management 2.1.1.4 is recommended. Please upgrade therefore to IBM Tivoli System Automation for Integrated Operations Management 2.1.1, and apply then the mentioned fixpack 2.1.1.4.


Link to download SA IOM 2.1.1.4 (fix pack 4) for Windows:
http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+System+Automation+for+Integrated+Operations+Management&release=2.1.1.4&platform=Windows&function=all



Workaround(s):
<None>

Mitigation(s):
<None>

REFERENCES:
· Complete CVSS Guide (http://www.first.org/cvss/user-guide)
· On-line Calculator V2 (http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2)

· CVE-2012-1541 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1541, https://exchange.xforce.ibmcloud.com/vulnerabilities/81761)

· CVE-2012-3174 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-3174, https://exchange.xforce.ibmcloud.com/vulnerabilities/81200)

· CVE-2012-3213 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-3213, https://exchange.xforce.ibmcloud.com/vulnerabilities/81769)

· CVE-2012-3342 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-3342, https://exchange.xforce.ibmcloud.com/vulnerabilities/78334)

· CVE-2013-0351 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0351, https://exchange.xforce.ibmcloud.com/vulnerabilities/81786)

· CVE-2013-0409 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0409, https://exchange.xforce.ibmcloud.com/vulnerabilities/81793)

· CVE-2013-0419 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0419, https://exchange.xforce.ibmcloud.com/vulnerabilities/81783)

· CVE-2013-0422 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0422, https://exchange.xforce.ibmcloud.com/vulnerabilities/81117)

· CVE-2013-0423 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0423, https://exchange.xforce.ibmcloud.com/vulnerabilities/81784)

· CVE-2013-0424 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0424, https://exchange.xforce.ibmcloud.com/vulnerabilities/81798)

· CVE-2013-0425 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0425, https://exchange.xforce.ibmcloud.com/vulnerabilities/81766)

· CVE-2013-0426 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0426, https://exchange.xforce.ibmcloud.com/vulnerabilities/81767)

· CVE-2013-0427 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0427, https://exchange.xforce.ibmcloud.com/vulnerabilities/81795)

· CVE-2013-0428 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0428, https://exchange.xforce.ibmcloud.com/vulnerabilities/81768)

· CVE-2013-0431 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0431, https://exchange.xforce.ibmcloud.com/vulnerabilities/81794)

· CVE-2013-0432 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0432, https://exchange.xforce.ibmcloud.com/vulnerabilities/81788)

· CVE-2013-0433 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0433, https://exchange.xforce.ibmcloud.com/vulnerabilities/81797)

· CVE-2013-0434 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0434, https://exchange.xforce.ibmcloud.com/vulnerabilities/81792)

· CVE-2013-0435 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0435, https://exchange.xforce.ibmcloud.com/vulnerabilities/81791)

· CVE-2013-0437 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0437, https://exchange.xforce.ibmcloud.com/vulnerabilities/81753)

· CVE-2013-0438 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0438, https://exchange.xforce.ibmcloud.com/vulnerabilities/81800)

· CVE-2013-0440 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0440, https://exchange.xforce.ibmcloud.com/vulnerabilities/81799)

· CVE-2013-0442 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0442, https://exchange.xforce.ibmcloud.com/vulnerabilities/81755)

· CVE-2013-0443 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0443, https://exchange.xforce.ibmcloud.com/vulnerabilities/81801)

· CVE-2013-0444 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0444, https://exchange.xforce.ibmcloud.com/vulnerabilities/81781)

· CVE-2013-0445 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0445, https://exchange.xforce.ibmcloud.com/vulnerabilities/81756)

· CVE-2013-0446 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0446, https://exchange.xforce.ibmcloud.com/vulnerabilities/81762)

· CVE-2013-0449 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0449, https://exchange.xforce.ibmcloud.com/vulnerabilities/81789)

· CVE-2013-0450 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0450, https://exchange.xforce.ibmcloud.com/vulnerabilities/81764)

· CVE-2013-0809 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0809, https://exchange.xforce.ibmcloud.com/vulnerabilities/82515)

· CVE-2013-1473 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1473, https://exchange.xforce.ibmcloud.com/vulnerabilities/81790)

· CVE-2013-1475 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1475, https://exchange.xforce.ibmcloud.com/vulnerabilities/81759)

· CVE-2013-1476 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1476, https://exchange.xforce.ibmcloud.com/vulnerabilities/81760)

· CVE-2013-1478 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1478, https://exchange.xforce.ibmcloud.com/vulnerabilities/81754)

· CVE-2013-1480 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1480, https://exchange.xforce.ibmcloud.com/vulnerabilities/81757)

· CVE-2013-1481 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1481, https://exchange.xforce.ibmcloud.com/vulnerabilities/81770)

· CVE-2013-1484 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1484, https://exchange.xforce.ibmcloud.com/vulnerabilities/82179)

· CVE-2013-1485 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1485, https://exchange.xforce.ibmcloud.com/vulnerabilities/82180)

· CVE-2013-1486 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1486, https://exchange.xforce.ibmcloud.com/vulnerabilities/82178)

· CVE-2013-1487 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1487, https://exchange.xforce.ibmcloud.com/vulnerabilities/82177)

· CVE-2013-1493 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1493, https://exchange.xforce.ibmcloud.com/vulnerabilities/82514)

· CVE-2013-0169 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0169, https://exchange.xforce.ibmcloud.com/vulnerabilities/81902)

· CVE-2013-0401 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0401, https://exchange.xforce.ibmcloud.com/vulnerabilities/82823)

· CVE-2013-1488 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1488, https://exchange.xforce.ibmcloud.com/vulnerabilities/82821)

· CVE-2013-1491 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1491, https://exchange.xforce.ibmcloud.com/vulnerabilities/82820)

· CVE-2013-1518 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1518, https://exchange.xforce.ibmcloud.com/vulnerabilities/83566)

· CVE-2013-1537 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1537, https://exchange.xforce.ibmcloud.com/vulnerabilities/83571)

· CVE-2013-1540 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1540, https://exchange.xforce.ibmcloud.com/vulnerabilities/83590)

· CVE-2013-1557 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1557, https://exchange.xforce.ibmcloud.com/vulnerabilities/83572)

· CVE-2013-1558 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1558, https://exchange.xforce.ibmcloud.com/vulnerabilities/83561)

· CVE-2013-1563 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1563, https://exchange.xforce.ibmcloud.com/vulnerabilities/83579)

· CVE-2013-1569 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1569, https://exchange.xforce.ibmcloud.com/vulnerabilities/83557)

· CVE-2013-2383 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2383, https://exchange.xforce.ibmcloud.com/vulnerabilities/83555)

· CVE-2013-2384 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2384, https://exchange.xforce.ibmcloud.com/vulnerabilities/83556)

· CVE-2013-2394 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2394, https://exchange.xforce.ibmcloud.com/vulnerabilities/83576)

· CVE-2013-2415 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2415, https://exchange.xforce.ibmcloud.com/vulnerabilities/83592)

· CVE-2013-2416 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2416, https://exchange.xforce.ibmcloud.com/vulnerabilities/83588)

· CVE-2013-2417 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2417, https://exchange.xforce.ibmcloud.com/vulnerabilities/83586)

· CVE-2013-2418 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2418, https://exchange.xforce.ibmcloud.com/vulnerabilities/83587)

· CVE-2013-2419 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2419, https://exchange.xforce.ibmcloud.com/vulnerabilities/83581)

· CVE-2013-2420 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2420, https://exchange.xforce.ibmcloud.com/vulnerabilities/83560)

· CVE-2013-2421 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2421, https://exchange.xforce.ibmcloud.com/vulnerabilities/83573)

· CVE-2013-2422 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2422, https://exchange.xforce.ibmcloud.com/vulnerabilities/83570)

· CVE-2013-2423 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2423, https://exchange.xforce.ibmcloud.com/vulnerabilities/83591)

· CVE-2013-2424 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2424, https://exchange.xforce.ibmcloud.com/vulnerabilities/83582)

· CVE-2013-2425 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2425, https://exchange.xforce.ibmcloud.com/vulnerabilities/83565)

· CVE-2013-2426 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2426, https://exchange.xforce.ibmcloud.com/vulnerabilities/83574)

· CVE-2013-2429 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2429, https://exchange.xforce.ibmcloud.com/vulnerabilities/83578)

· CVE-2013-2430 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2430, https://exchange.xforce.ibmcloud.com/vulnerabilities/83577)

· CVE-2013-2431 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2431, https://exchange.xforce.ibmcloud.com/vulnerabilities/83574)

· CVE-2013-2432 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2432, https://exchange.xforce.ibmcloud.com/vulnerabilities/83559)

· CVE-2013-2433 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2433, https://exchange.xforce.ibmcloud.com/vulnerabilities/83589)

· CVE-2013-2434 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2434, https://exchange.xforce.ibmcloud.com/vulnerabilities/83558)

· CVE-2013-2435 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2435, https://exchange.xforce.ibmcloud.com/vulnerabilities/83563)

· CVE-2013-2436 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2436, https://exchange.xforce.ibmcloud.com/vulnerabilities/83575)

· CVE-2013-2438 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2438, https://exchange.xforce.ibmcloud.com/vulnerabilities/83585)

· CVE-2013-2440 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2440, https://exchange.xforce.ibmcloud.com/vulnerabilities/83562)



RELATED INFORMATION:
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog


CHANGE HISTORY
<18 June 2013>: Document created


*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.


Note: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

[{"Product":{"code":"SS6V4G","label":"Tivoli System Automation for Integrated Operations Management"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"--","Platform":[{"code":"PF033","label":"Windows"}],"Version":"2.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
25 September 2022

UID

swg21642358

Page Feedback