Lucene search

[email protected]CVE-2015-1913

HistoryJun 30, 2015 - 10:59 a.m.

CVE-2015-1913

2015-06-3010:59:00

CWE-310

[email protected]

web.nvd.nist.gov

ibm

rational test workbench

rational test virtualization server

cve-2015-1913

security

vulnerability

md5

password hashing

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.8%

JSON

Rational Test Control Panel in IBM Rational Test Workbench and Rational Test Virtualization Server 8.0.0.x before 8.0.0.5, 8.0.1.x before 8.0.1.6, 8.5.0.x before 8.5.0.4, 8.5.1.x before 8.5.1.5, 8.6.0.x before 8.6.0.4, and 8.7.0.x before 8.7.0.2 uses the MD5 algorithm for password hashing, which makes it easier for remote attackers to bypass authentication via unspecified vectors.

Affected configurations

NVD

Node

ibmrational_test_virtualization_serverMatch8.0.0

ibmrational_test_virtualization_serverMatch8.0.0.1

ibmrational_test_virtualization_serverMatch8.0.0.2

ibmrational_test_virtualization_serverMatch8.0.0.3

ibmrational_test_virtualization_serverMatch8.0.0.4

ibmrational_test_virtualization_serverMatch8.0.1

ibmrational_test_virtualization_serverMatch8.0.1.1

ibmrational_test_virtualization_serverMatch8.0.1.2

ibmrational_test_virtualization_serverMatch8.0.1.3

ibmrational_test_virtualization_serverMatch8.0.1.4

ibmrational_test_virtualization_serverMatch8.0.1.5

ibmrational_test_virtualization_serverMatch8.5.0

ibmrational_test_virtualization_serverMatch8.5.0.1

ibmrational_test_virtualization_serverMatch8.5.0.2

ibmrational_test_virtualization_serverMatch8.5.0.3

ibmrational_test_virtualization_serverMatch8.5.1

ibmrational_test_virtualization_serverMatch8.5.1.1

ibmrational_test_virtualization_serverMatch8.5.1.2

ibmrational_test_virtualization_serverMatch8.5.1.3

ibmrational_test_virtualization_serverMatch8.5.1.4

ibmrational_test_virtualization_serverMatch8.6.0

ibmrational_test_virtualization_serverMatch8.6.0.1

ibmrational_test_virtualization_serverMatch8.6.0.2

ibmrational_test_virtualization_serverMatch8.6.0.3

ibmrational_test_virtualization_serverMatch8.7.0

ibmrational_test_virtualization_serverMatch8.7.0.1

Node

ibmrational_test_workbenchMatch8.0.0

ibmrational_test_workbenchMatch8.0.0.1

ibmrational_test_workbenchMatch8.0.0.2

ibmrational_test_workbenchMatch8.0.0.3

ibmrational_test_workbenchMatch8.0.0.4

ibmrational_test_workbenchMatch8.0.1

ibmrational_test_workbenchMatch8.0.1.1

ibmrational_test_workbenchMatch8.0.1.2

ibmrational_test_workbenchMatch8.0.1.3

ibmrational_test_workbenchMatch8.0.1.4

ibmrational_test_workbenchMatch8.0.1.5

ibmrational_test_workbenchMatch8.5.0

ibmrational_test_workbenchMatch8.5.0.1

ibmrational_test_workbenchMatch8.5.0.2

ibmrational_test_workbenchMatch8.5.0.3

ibmrational_test_workbenchMatch8.5.1

ibmrational_test_workbenchMatch8.5.1.1

ibmrational_test_workbenchMatch8.5.1.2

ibmrational_test_workbenchMatch8.5.1.3

ibmrational_test_workbenchMatch8.5.1.4

ibmrational_test_workbenchMatch8.6.0

ibmrational_test_workbenchMatch8.6.0.1

ibmrational_test_workbenchMatch8.6.0.2

ibmrational_test_workbenchMatch8.6.0.3

ibmrational_test_workbenchMatch8.7.0

ibmrational_test_workbenchMatch8.7.0.1

CPENameOperatorVersion
ibm:rational_test_virtualization_serveribm rational test virtualization servereq8.0.0
ibm:rational_test_virtualization_serveribm rational test virtualization servereq8.0.0.1
ibm:rational_test_virtualization_serveribm rational test virtualization servereq8.0.0.2
ibm:rational_test_virtualization_serveribm rational test virtualization servereq8.0.0.3
ibm:rational_test_virtualization_serveribm rational test virtualization servereq8.0.0.4
ibm:rational_test_virtualization_serveribm rational test virtualization servereq8.0.1
ibm:rational_test_virtualization_serveribm rational test virtualization servereq8.0.1.1
ibm:rational_test_virtualization_serveribm rational test virtualization servereq8.0.1.2
ibm:rational_test_virtualization_serveribm rational test virtualization servereq8.0.1.3
ibm:rational_test_virtualization_serveribm rational test virtualization servereq8.0.1.4

CPE	Name	Operator	Version
ibm:rational_test_virtualization_server	ibm rational test virtualization server	eq	8.0.0
ibm:rational_test_virtualization_server	ibm rational test virtualization server	eq	8.0.0.1
ibm:rational_test_virtualization_server	ibm rational test virtualization server	eq	8.0.0.2
ibm:rational_test_virtualization_server	ibm rational test virtualization server	eq	8.0.0.3
ibm:rational_test_virtualization_server	ibm rational test virtualization server	eq	8.0.0.4
ibm:rational_test_virtualization_server	ibm rational test virtualization server	eq	8.0.1
ibm:rational_test_virtualization_server	ibm rational test virtualization server	eq	8.0.1.1
ibm:rational_test_virtualization_server	ibm rational test virtualization server	eq	8.0.1.2
ibm:rational_test_virtualization_server	ibm rational test virtualization server	eq	8.0.1.3
ibm:rational_test_virtualization_server	ibm rational test virtualization server	eq	8.0.1.4

Rows per page:

1-10 of 261

References

www-01.ibm.com/support/docview.wss?uid=swg21959298

www.securityfocus.com/bid/75307

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.8%

JSON

Related for CVE-2015-1913

prion1 nvd1 ibm1 cvelist1