Multiple high-severity vulnerabilities (CVSS Base Score 8.6) in Oracle Java SE allow for remote attacks, affecting a wide range of enterprise software products from IBM, Dell, HCL, Xerox, and others. The article provides a detailed list of specific affected products and their versions, but does not specify the exact Java SE version ranges or the attack vectors. Mitigations are available, and administrators must consult the referenced vendor updates for each listed product to apply the necessary patches or workarounds.
[WID-SEC-2025-1569] Oracle Java SE: Mehrere Schwachstellen CVSS Base Score 8.6 (hoch) CVSS Temporal Score 7.5 (hoch) Remoteangriff ja Datum 15.07.2025 Stand UPDATE 09.03.2026 Mitigation ja Betroffene Systeme Betriebssystem Linux MacOS X Sonstiges UNIX Windows Produktbeschreibung Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE). Produkte UPDATE 08.03.2026 Dell NetWorker NRE <8.0.28 Dell NetWorker NRE <17.0.4 UPDATE 11.01.2026 IBM DB2 UPDATE 16.12.2025 IBM Security Verify Access <v10.0.9.1 IBM Security Verify Access <11.0.2 UPDATE 14.12.2025 IBM Storage Insights UPDATE 27.11.2025 IBM Tivoli Netcool/OMNIbus UPDATE 26.11.2025 IBM Storwize IBM FlashSystem IBM SAN Volume Controller UPDATE 17.11.2025 Xerox FreeFlow Print Server v7 UPDATE 05.11.2025 IBM Business Automation Workflow UPDATE 30.10.2025 Dell Avamar Dell NetWorker Virtual Edition RealObjects PDFreactor <12.3.2 UPDATE 29.10.2025 Dell Data Protection Advisor UPDATE 27.10.2025 IBM QRadar SIEM UPDATE 23.10.2025 IBM DataPower Gateway <10.6.5.0 IBM DataPower Gateway <10.5.0.19 IBM DataPower Gateway <10.6.0.7 UPDATE 21.10.2025 IBM Integration Bus UPDATE 15.10.2025 IBM SPSS Statistics IBM Sterling Connect:Direct <6.2.0.29 IBM Sterling Connect:Direct <6.3.0.15 IBM Sterling Connect:Direct <6.4.0.4 UPDATE 09.10.2025 IBM Rational Application Developer for WebSphere Software 9.6 IBM Rational Application Developer for WebSphere Software 9.7 IBM Rational Application Developer for WebSphere Software 10.0 UPDATE 06.10.2025 IBM Rational Business Developer UPDATE 01.10.2025 IBM Sterling Connect:Direct <6.3.0.6 IBM Sterling Connect:Direct <6.4.0.3 IBM Sterling Connect:Direct <6.2.0.9 IBM Sterling Connect:Direct <6.2.0.8 UPDATE 30.09.2025 Absolute Secure Access Server <14.10 Absolute Secure Access Insights <4.30 UPDATE 25.09.2025 HCL BigFix UPDATE 24.09.2025 IBM Tivoli Network Manager UPDATE 21.09.2025 IBM License Metric Tool UPDATE 15.09.2025 IBM Tivoli Business Service Manager 6.2.0.0-6.2.0.6 UPDATE 14.09.2025 IBM InfoSphere Information Server 11.7 IBM Installation Manager 1.4-1.10.1.2 UPDATE 11.09.2025 IBM SPSS Collaboration and Deployment Services 8.5 IBM Tivoli Monitoring for Virtual Environments 7.3.7 IBM SPSS Collaboration and Deployment Services 8.6 IBM Tivoli Monitoring 7.2.10 UPDATE 10.09.2025 IBM Business Automation Workflow UPDATE 09.09.2025 IBM Tivoli Key Lifecycle Manager IBM TXSeries for multiplatforms UPDATE 07.09.2025 IBM MQ Operator IBM MQ Container UPDATE 04.09.2025 IBM MQ <9.1.0.31 IBM MQ <9.2.0.37 IBM MQ <9.3.0.31 IBM MQ <9.4.0.15 IBM MQ <9.4.3.1 UPDATE 02.09.2025 IBM App Connect Enterprise IBM Tivoli Monitoring 6.3.0.7 UPDATE 28.08.2025 IBM Installation Manager 1.4-1.9.3.2 UPDATE 26.08.2025 Hitachi Ops Center Hitachi Configuration Manager Hitachi Command Suite UPDATE 21.08.2025 IGEL OS UPDATE 13.08.2025 IBM Tivoli Netcool/OMNIbus 8.1.0 UPDATE 10.08.2025 IBM WebSphere Service Registry and Repository 8.5 UPDATE 07.08.2025 IBM WebSphere Application Server UPDATE 03.08.2025 IBM Java <8.0.8.50 UPDATE 31.07.2025 IBM Semeru Runtime <8.0.462.0 IBM Semeru Runtime <11.0.28.0 IBM Semeru Runtime <17.0.16.0 IBM Semeru Runtime <21.0.8.0 UPDATE 30.07.2025 Amazon Linux 2 UPDATE 29.07.2025 SUSE Linux UPDATE 24.07.2025 Ubuntu Linux UPDATE 22.07.2025 Debian Linux UPDATE 20.07.2025 SUSE openSUSE UPDATE 16.07.2025 Oracle Linux 15.07.2025 Open Source OpenJDK Red Hat Enterprise Linux Azul Zulu Oracle Java SE 11.0.27 Oracle Java SE 17.0.15 Oracle Java SE 21.0.7 Oracle Java SE 24.0.1 Oracle Java SE 8u451-perf Oracle GraalVM for JDK 17.0.15 Oracle GraalVM for JDK 21.0.7 Oracle GraalVM for JDK 24.0.1 Oracle GraalVM Enterprise Edition 21.3.14 Amazon Corretto <8.462.08.1 Amazon Corretto <11.0.28.6.1 Angriff Angriff Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Java SE und anderen Java Editionen ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden. CVE Informationen Versionshistorie Feedback zum Advisory geben