Home

CVE-2017-1376

Description

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.82

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.2.0Windows
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.2.1Windows
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.3.0Windows
Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.0Windows
Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.5Windows
Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.6Windows
Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.7Windows
Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.8Windows
Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.9Windows
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.0.8.0Windows
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-1.8.0.4.10-1jpp.1.el6_9.i686.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-1.8.0.4.10-1jpp.1.el6_9.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-1.8.0.4.10-1jpp.3.el7.i686.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-1.8.0.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-demo-1.8.0.4.10-1jpp.1.el6_9.i686.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-demo-1.8.0.4.10-1jpp.1.el6_9.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-demo-1.8.0.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-devel-1.8.0.4.10-1jpp.1.el6_9.i686.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-devel-1.8.0.4.10-1jpp.1.el6_9.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-devel-1.8.0.4.10-1jpp.3.el7.i686.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-devel-1.8.0.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-jdbc-1.8.0.4.10-1jpp.1.el6_9.i686.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-jdbc-1.8.0.4.10-1jpp.1.el6_9.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-jdbc-1.8.0.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-plugin-1.8.0.4.10-1jpp.1.el6_9.i686.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-plugin-1.8.0.4.10-1jpp.1.el6_9.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-plugin-1.8.0.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-src-1.8.0.4.10-1jpp.1.el6_9.i686.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-src-1.8.0.4.10-1jpp.1.el6_9.x86_64.rpmLinux
(RHSA-2017:2469) java-1.8.0-ibm security update java-1.8.0-ibm-src-1.8.0.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-1.7.1.4.10-1jpp.2.el6_9.i686.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-1.7.1.4.10-1jpp.2.el6_9.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-1.7.1.4.10-1jpp.3.el7.i686.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-1.7.1.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-demo-1.7.1.4.10-1jpp.2.el6_9.i686.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-demo-1.7.1.4.10-1jpp.2.el6_9.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-demo-1.7.1.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-devel-1.7.1.4.10-1jpp.2.el6_9.i686.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-devel-1.7.1.4.10-1jpp.2.el6_9.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-devel-1.7.1.4.10-1jpp.3.el7.i686.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-devel-1.7.1.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-jdbc-1.7.1.4.10-1jpp.2.el6_9.i686.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-jdbc-1.7.1.4.10-1jpp.2.el6_9.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-jdbc-1.7.1.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-plugin-1.7.1.4.10-1jpp.2.el6_9.i686.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-plugin-1.7.1.4.10-1jpp.2.el6_9.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-plugin-1.7.1.4.10-1jpp.3.el7.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-src-1.7.1.4.10-1jpp.2.el6_9.i686.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-src-1.7.1.4.10-1jpp.2.el6_9.x86_64.rpmLinux
(RHSA-2017:2481) java-1.7.1-ibm security update java-1.7.1-ibm-src-1.7.1.4.10-1jpp.3.el7.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234