CVE-2015-5006

Published: Dec 7, 2015Modified: May 6, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache.

Affected (30)

Products: Ibm: Java 2 Sdk, Java Sdk · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation, Satellite · Suse: Linux Enterprise Server, Linux Enterprise Software Development Kit

2 products

5 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Server Eus

Enterprise Linux Workstation

2 products

Linux Enterprise Server

Linux Enterprise Software Development Kit

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Ibm Java 2 Sdk	From 5.0.0.0 to 5.0.16.13
Ibm Java Sdk	From 6.0.0.0 to 6.0.16.15
Ibm Java Sdk	From 6.1.0.0. to 6.1.8.15
Ibm Java Sdk	From 7.0.0.0 to 7.0.9.20
Ibm Java Sdk	From 7.1.0.0 to 7.1.3.20
Ibm Java Sdk	From 8.0.0.0 to 8.0.2.0

Configuration B

16 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 5.0
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Server	Version 5.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Server Eus	Version 6.7
Redhat Enterprise Linux Server Eus	Version 7.2
Redhat Enterprise Linux Server Eus	Version 7.3
Redhat Enterprise Linux Server Eus	Version 7.4
Redhat Enterprise Linux Server Eus	Version 7.5
Redhat Enterprise Linux Workstation	Version 5.0
Redhat Enterprise Linux Workstation	Version 6.0
Redhat Enterprise Linux Workstation	Version 7.0
Redhat Satellite	Version 5.6
Redhat Satellite	Version 5.7

Configuration C

8 vulnerable

Vulnerable Software	Affected Versions
Suse Linux Enterprise Server	Version 11 sp2
Suse Linux Enterprise Server	Version 11 sp3
Suse Linux Enterprise Server	Version 11 sp3
Suse Linux Enterprise Server	Version 11 sp4
Suse Linux Enterprise Server	Version 12
Suse Linux Enterprise Software Development Kit	Version 11 sp3
Suse Linux Enterprise Software Development Kit	Version 11 sp4
Suse Linux Enterprise Software Development Kit	Version 12

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (32)

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

Source: psirt@us.ibm.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html

Source: psirt@us.ibm.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html

Source: psirt@us.ibm.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

Source: psirt@us.ibm.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html

Source: psirt@us.ibm.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html

Source: psirt@us.ibm.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

Source: psirt@us.ibm.com

Mailing ListThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2506.html

Source: psirt@us.ibm.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2507.html

Source: psirt@us.ibm.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2508.html

Source: psirt@us.ibm.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2509.html

Source: psirt@us.ibm.com

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IV78316

Source: psirt@us.ibm.com

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21969225

Source: psirt@us.ibm.com

Vendor Advisory

http://www.securityfocus.com/bid/77645

Source: psirt@us.ibm.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1034214

Source: psirt@us.ibm.com

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2016:1430

Source: psirt@us.ibm.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2506.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2507.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2508.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2509.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IV78316

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21969225

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/77645

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1034214

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2016:1430

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.