Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM214DADC934E2EB7E8B62487A55071C0ACB9FC53A72D345E4B29E66BA3FC690E2
HistoryAug 28, 2023 - 10:34 a.m.

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearCase [CVE-2023-32342]

2023-08-2810:34:04
www.ibm.com
18
ibm rational clearcase
ibm http server
information disclosure

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

41.3%

JSON

Summary

IBM HTTP Server (IHS) is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. [CVE-2023-32342]

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
IBM Rational ClearCase 10.0.0
IBM Rational ClearCase 9.1
IBM Rational ClearCase 9.0.2

Remediation/Fixes

Refer to the following security bulletin(s) for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS) which is shipped with IBM Rational ClearCase.

Principal Product and Version(s) Affected Supporting Product and Version Affected Supporting Product Security Bulletin

IBM Rational ClearCase, versions 10.0.x, 9.1.x, 9.0.2.x

|

IBM HTTP Server version 8.5, 9.0

|

Security Bulletin: IBM HTTP Server is vulnerable to information disclosure due to IBM GSKit (CVE-2023-32342)

ClearCase Versions

|

Applying the fix

—|—
10.0.x, 9.1.x, 9.0.2.x| Apply the appropriate IBM HTTP Server fix (see bulletin link above) directly to your CCRC WAN server host. No ClearCase-specific steps are necessary.

For 9.0.1.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product.

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmrational_clearcaseMatchany
VendorProductVersionCPE
ibmrational_clearcaseanycpe:2.3:a:ibm:rational_clearcase:any:*:*:*:*:*:*:*

Related

ibm 32
prion 1
nessus 1
cnvd 1
cvelist 1
cve 1
nvd 1
ibm
ibm
Security Bulletin: Timing in RSA Decryption vulnerability might affect GSKit supplied with IBM TXSeries for Multiplatforms
2023-09-08 12:04:34
Security Bulletin: IBM HTTP Server is vulnerable to information disclosure due to IBM GSKit (CVE-2023-32342)
2023-05-24 20:08:05
Security Bulletin: CVE-2023-32342 may affect GSKit shipped with IBM CICS TX Advanced
2023-07-19 13:29:09
prion
prion
Design/Logic Flaw
2023-05-30 22:15:00
nessus
nessus
IBM HTTP Server 8.5.0.0 < 8.5.5.24 / 9.0.0.0 < 9.0.5.16 Information Disclosure (6998037)
2023-10-19 00:00:00
cnvd
cnvd
IBM Global Security Kit Encryption Issues Vulnerability
2023-06-01 00:00:00
cvelist
cvelist
CVE-2023-32342 IBM GSKit information disclosure
2023-05-30 21:03:25
cve
cve
CVE-2023-32342
2023-05-30 22:15:10
nvd
nvd
CVE-2023-32342
2023-05-30 22:15:10

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

41.3%

JSON
Related for 214DADC934E2EB7E8B62487A55071C0ACB9FC53A72D345E4B29E66BA3FC690E2
ibm32prion1nessus1cnvd1cvelist1cve1nvd1