CVE-2015-5006

Published Dec 7, 2015
Last updated 5 years ago
CVSS info 2.1
Overview

Description: IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.
Source: psirt@us.ibm.com
NVD status: Analyzed
Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-200
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:java_2_sdk:*:*:*:*:technology:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03221A34-2A59-4490-B584-9DDE14B038EB",
            "versionEndIncluding": "5.0.16.13",
            "versionStartIncluding": "5.0.0.0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E62DD30F-D19E-461B-BF22-B64DCF8A15B6",
            "versionEndExcluding": "6.0.16.15",
            "versionStartIncluding": "6.0.0.0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDC1C82B-6F8E-448F-84AD-6AF2B25305B8",
            "versionEndExcluding": "6.1.8.15",
            "versionStartIncluding": "6.1.0.0."
          },
          {
            "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DA8172E-DF92-4728-B599-265226AE72C9",
            "versionEndExcluding": "7.0.9.20",
            "versionStartIncluding": "7.0.0.0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4679087-2B26-4A3C-A270-0DD543289DCB",
            "versionEndExcluding": "7.1.3.20",
            "versionStartIncluding": "7.1.0.0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A25735C-2F06-41D1-A0C4-2DAB1F82010A",
            "versionEndExcluding": "8.0.2.0",
            "versionStartIncluding": "8.0.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9"
          },
          {
            "criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B072472-B463-4647-885D-E40B0115C810"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F922115C-1907-4F65-9F23-3E63A8BCD4A7"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
