Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester

2020-10-0515:43:01

www.ibm.com

0.001 Low

EPSS

Percentile

28.8%

JSON

Summary

There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 1.8 and IBM Runtime Environment Java Version 1.8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVEs.

Vulnerability Details

CVEID:CVE-2020-2654
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174601 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected Product(s)	Version(s)
RST	9.1
RST	9.2
RST	9.5

Remediation/Fixes

Product	VRMF	APAR	Remediation/First Fix
RST	9.5	None	Download
http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FRational+Service+Tester+for+SOA+Quality&fixids=Rational-RST-JavaPatch-Java8SR6FP7&source=SAR
RST	9.2	None	Download
http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FRational+Service+Tester+for+SOA+Quality&fixids=Rational-RST-JavaPatch-Java8SR6FP7&source=SAR
RST	9.1	None	Download
http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FRational+Service+Tester+for+SOA+Quality&fixids=Rational-RST-JavaPatch-Java8SR6FP7&source=SAR

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm rational service tester for soa qualityeq9.1
ibm rational service tester for soa qualityeq9.2
ibm rational service tester for soa qualityeq9.5