资产资源类型 (Java SDK)
资产资源类型描述 WebSphere Automation 管理和监视的服务器和运行时。
示例资产创建事件 (Java SDK)
{
"type" : "CREATE",
"asset" : {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"id" : "f0842917-7c96-389e-b99f-302df459f944",
"name" : "IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "server-registration-processor",
"apars" : [ ],
"hostName" : "defected1.example.com",
"operatingSystem" : "Linux",
"operatingSystemVersion" : "3.10.0-1160.90.1.el7.x86_64",
"productName" : "IBM J9 VM",
"type" : "jdk",
"unresolvedVulnerabilities" : [ {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "63d3b3f2-e49e-378b-a339-ac3753d48d33",
"name" : "6839565 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21626"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2022-21624"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6839565",
"endVersion" : "8.0.7.19",
"fixPack" : "8.0.7.20",
"iFixes" : [ "PH50734" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "f0a4388b-cbb5-3e46-a267-f230db98c073"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. These might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "677299b0-2524-3c66-9c36-85c16a0a3690",
"name" : "6594523 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21299"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.",
"id" : "CVE-2022-21496"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6594523",
"endVersion" : "8.0.7.9",
"fixPack" : "8.0.7.10",
"iFixes" : [ "PH46425" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "12959664-bdcc-396a-b0af-f15886b07354"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "64f1d4d4-4ea5-367d-93fe-9317af030897",
"name" : "6980375 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21426"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Serialization component could allow a remote attacker to cause a denial of service resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2023-21830"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6980375",
"endVersion" : "8.0.7.99",
"fixPack" : "8.0.8.0",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1775bdd2-6649-350f-9442-0fbd4abeb4f7"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "5041b7c1-f13a-34aa-b544-94a22aab4960",
"name" : "6616953 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.",
"id" : "CVE-2021-2163"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6616953",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH48649" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "ce701624-9b78-3923-bc80-967995bab0da"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether this vulnerability is applicable to your code. Refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information.",
"id" : "69999989-8e75-38c2-9c73-f75ffc4dcf59",
"name" : "6986617 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE components could expose sensitive information using a combination of flaws and configurations.",
"id" : "CVE-2023-30441"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6986617",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "eb0bc67a-81be-3497-a33c-ae909eef69da"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "f360346c-e134-39fb-ac92-61e089e2bf7f",
"name" : "7001677 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21937"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow a remote attacker to cause high availability impact.",
"id" : "CVE-2023-21954"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Libraries component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21938"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Hotspot component could allow a remote attacker to cause high confidentiality impact.",
"id" : "CVE-2023-21967"
}, {
"cvssBaseScore" : 7.4,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high confidentiality impact and high integrity impact.",
"id" : "CVE-2023-21930"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE and GraalVM Enterprise Edition related to the Libraries component could allow an unauthenticated attacker to cause low integrity impact.",
"id" : "CVE-2023-21968"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/7001677",
"endVersion" : "8.0.8.4",
"fixPack" : "8.0.8.5",
"iFixes" : [ "PH54908" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "c0533ed3-cdf3-3305-a667-7757bdeaca62"
} ],
"version" : "8.0.7.5"
}
}示例资产已删除事件 (Java SDK)
{
"type" : "DELETE",
"asset" : {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"id" : "f0842917-7c96-389e-b99f-302df459f944",
"name" : "IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "server-registration-processor",
"apars" : [ ],
"hostName" : "defected1.example.com",
"operatingSystem" : "Linux",
"operatingSystemVersion" : "3.10.0-1160.90.1.el7.x86_64",
"productName" : "IBM J9 VM",
"type" : "jdk",
"unresolvedVulnerabilities" : [ {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "63d3b3f2-e49e-378b-a339-ac3753d48d33",
"name" : "6839565 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21626"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2022-21624"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6839565",
"endVersion" : "8.0.7.19",
"fixPack" : "8.0.7.20",
"iFixes" : [ "PH50734" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "f0a4388b-cbb5-3e46-a267-f230db98c073"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. These might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "677299b0-2524-3c66-9c36-85c16a0a3690",
"name" : "6594523 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21299"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.",
"id" : "CVE-2022-21496"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6594523",
"endVersion" : "8.0.7.9",
"fixPack" : "8.0.7.10",
"iFixes" : [ "PH46425" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "12959664-bdcc-396a-b0af-f15886b07354"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "64f1d4d4-4ea5-367d-93fe-9317af030897",
"name" : "6980375 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21426"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Serialization component could allow a remote attacker to cause a denial of service resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2023-21830"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6980375",
"endVersion" : "8.0.7.99",
"fixPack" : "8.0.8.0",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1775bdd2-6649-350f-9442-0fbd4abeb4f7"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "5041b7c1-f13a-34aa-b544-94a22aab4960",
"name" : "6616953 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.",
"id" : "CVE-2021-2163"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6616953",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH48649" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "ce701624-9b78-3923-bc80-967995bab0da"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether this vulnerability is applicable to your code. Refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information.",
"id" : "69999989-8e75-38c2-9c73-f75ffc4dcf59",
"name" : "6986617 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE components could expose sensitive information using a combination of flaws and configurations.",
"id" : "CVE-2023-30441"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6986617",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "eb0bc67a-81be-3497-a33c-ae909eef69da"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "f360346c-e134-39fb-ac92-61e089e2bf7f",
"name" : "7001677 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21937"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow a remote attacker to cause high availability impact.",
"id" : "CVE-2023-21954"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Libraries component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21938"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Hotspot component could allow a remote attacker to cause high confidentiality impact.",
"id" : "CVE-2023-21967"
}, {
"cvssBaseScore" : 7.4,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high confidentiality impact and high integrity impact.",
"id" : "CVE-2023-21930"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE and GraalVM Enterprise Edition related to the Libraries component could allow an unauthenticated attacker to cause low integrity impact.",
"id" : "CVE-2023-21968"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/7001677",
"endVersion" : "8.0.8.4",
"fixPack" : "8.0.8.5",
"iFixes" : [ "PH54908" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "c0533ed3-cdf3-3305-a667-7757bdeaca62"
} ],
"version" : "8.0.7.5"
}
}