{ "id": "CVE-2015-1931", "sourceIdentifier": "psirt@us.ibm.com", "published": "2022-09-29T03:15:11.400", "lastModified": "2022-09-30T03:04:01.277", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file." }, { "lang": "es", "value": "IBM Java Security Components en IBM SDK, Java Technology Edition 8 versiones anteriores a SR1 FP10, 7 R1 anteriores a SR3 FP10, 7 anteriores a SR9 FP10, 6 R1 anteriores a SR8 FP7, 6 anteriores a SR16 FP7, y 5.0 anteriores a SR16 FP13, almacena informaci\u00f3n de texto plano en volcados de memoria, lo que permite a usuarios locales obtener informaci\u00f3n confidencial al leer un archivo" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.8, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-312" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*", "versionStartIncluding": "5.0.0.0", "versionEndExcluding": "5.0.16.13", "matchCriteriaId": "69BEADC6-4288-4A8A-B384-8CD56F682D4F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*", "versionStartIncluding": "6.0.0.0", "versionEndExcluding": "6.0.16.7", "matchCriteriaId": "1AAA972B-5EA5-4A0E-AD6F-E3A1D07E9B23" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*", "versionStartIncluding": "6.1.0.0", "versionEndExcluding": "6.1.8.7", "matchCriteriaId": "BB6E79D8-BCA0-4350-B544-1CB2FEF8AE11" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*", "versionStartIncluding": "7.0.0.0", "versionEndExcluding": "7.0.9.10", "matchCriteriaId": "610D1BA4-4F00-4AEB-B239-03A96F2B3DF0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*", "versionStartIncluding": "7.1.0.0", "versionEndExcluding": "7.1.3.10", "matchCriteriaId": "DC07C379-93D1-4061-A8DB-9BB623D0B6AF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*", "versionStartIncluding": "8.0.0.0", "versionEndExcluding": "8.0.1.10", "matchCriteriaId": "98AB5EC9-F74A-4AC4-85B8-9D6D9EEB8D75" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*", "matchCriteriaId": "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", "matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437" }, { "vulnerable": true, "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026" }, { "vulnerable": true, "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "967EC28A-607F-48F4-AD64-5E3041C768F0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "A67A7B7A-998D-4B8C-8831-6E58406565FE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97" } ] } ] } ], "references": [ { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00051.html", "source": "psirt@us.ibm.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00014.html", "source": "psirt@us.ibm.com", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html", "source": "psirt@us.ibm.com", "tags": [ "Third Party Advisory" ] }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html", "source": "psirt@us.ibm.com", "tags": [ "Third Party Advisory" ] }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html", "source": "psirt@us.ibm.com", "tags": [ "Third Party Advisory" ] }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html", "source": "psirt@us.ibm.com", "tags": [ "Third Party Advisory" ] }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html", "source": "psirt@us.ibm.com", "tags": [ "Third Party Advisory" ] }, { "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV75182", "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ] }, { "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962302", "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ] } ] }