What is CVE-2015-5041?

CVE-2015-5041 is a critical-severity vulnerability in Ibm Java_sdk, classified under Information Disclosure. CVSS score: 9.1/10. Published 2016-06-06.

How severe is CVE-2015-5041?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Information disclosure in Ibm Java_sdk

CVE-2015-5041

The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface me…

Vulnerability class: Information Disclosure

EPSS: 0.009 (75.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Ibm Java_sdk
Ibm Websphere_application_server
Redhat Satellite — versions 5.6, 5.7
Suse Linux_enterprise_server — versions 11, 12
Suse Linux_enterprise_software_development_kit — versions 11, 12
Suse Suse_linux_enterprise_server — versions 12
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

SUSE-SU-2016:0401 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
IV72872 (vendor-advisory, x_refsource_AIXAPAR, Vendor Advisory)
SUSE-SU-2016:0428 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
RHSA-2016:1430 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
SUSE-SU-2016:0399 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
82451 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
SUSE-SU-2016:0431 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)

Frequently asked questions

What is CVE-2015-5041?: CVE-2015-5041 is a critical-severity vulnerability in Ibm Java_sdk, classified under Information Disclosure. CVSS score: 9.1/10. Published 2016-06-06.
How severe is CVE-2015-5041?: Critical severity. CVSS v3 base score is 9.1 out of 10.