CVE-2017-1376

EUVD-2017-10392
A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
Affected Products (NVD)
VendorProductVersion
ibmoperations_analytics_predictive_insights
1.3.0
ibmoperations_analytics_predictive_insights
1.3.1
ibmoperations_analytics_predictive_insights
1.3.2
ibmoperations_analytics_predictive_insights
1.3.3
ibmoperations_analytics_predictive_insights
1.3.5
ibmoperations_analytics_predictive_insights
1.3.6
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ibm-java80
artful
dne
bionic
Fixed 8.0.5.16-0ubuntu1
released
trusty
dne
xenial
Fixed 8.0.5.16-0ubuntu1
released
zesty
dne
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg22007305&myns=swgtiv&mynp=OCSSJQQ3&mync=E&cm_sp=swgtiv-_-OCSSJQQ3-_-E
https://access.redhat.com/errata/RHSA-2017:2469
https://access.redhat.com/errata/RHSA-2017:2481
https://exchange.xforce.ibmcloud.com/vulnerabilities/126873
http://www.ibm.com/support/docview.wss?uid=swg22007305&myns=swgtiv&mynp=OCSSJQQ3&mync=E&cm_sp=swgtiv-_-OCSSJQQ3-_-E
https://access.redhat.com/errata/RHSA-2017:2469
https://access.redhat.com/errata/RHSA-2017:2481
https://exchange.xforce.ibmcloud.com/vulnerabilities/126873