Information Disclosure Vulnerability in IBM SDK Java Technology Edition
CVE-2015-5041

9.1CRITICAL

Key Information:

Vendor
IBM
Status
Vendor
CVE Published:
6 June 2016

Summary

The J9 JVM in IBM SDK, Java Technology Edition versions prior to specific service releases is susceptible to exploitation by remote attackers. By invoking non-public interface methods, the vulnerability can expose sensitive information or allow unauthorized data injection, posing significant risks to applications reliant on this Java implementation. Users are encouraged to apply updates to mitigate potential threats associated with this vulnerability.

References

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.