Lucene search

K
ibmIBM2A154FA8D34017E50CF35433C3DE4641EF2E92450EBD25CEF33FAD6C26916BCE
HistoryFeb 04, 2020 - 4:40 p.m.

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearQuest (CVE-2016-8743)

2020-02-0416:40:40
www.ibm.com
25

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

Summary

IBM HTTP Server (IHS) is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting IHS has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section.

Affected Products and Versions

IBM Rational ClearQuest, ClearQuest CM Server component.

Versions 8.0.0.x, 8.0.1.x, 9.0.0.x:

This vulnerability affects only the server component.

Versions 7.1.x.x:

Not affected.

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and information about fixes addressed by IBM HTTP Server (IHS),which is shipped with IBM Rational ClearQuest.

Principal Product and Version(s) Affected Supporting Product and Version Affected Supporting Product Security Bulletin
IBM Rational ClearQuest, versions 8.0.0.x, 8.0.1.x, 9.0.0.x IBM HTTP Server versions 8.5.5, 8.5, 8.0, and 7.0 Security Bulletin: Potential vulnerability in IBM HTTP Server (CVE-2016-8743)

ClearQuest Versions

|

** Applying the fix**

—|—
8.0.0.x
8.0.1.x
9.0.0.x| Apply the appropriate IBM HTTP Server fix directly to your CM server host. No ClearQuest-specific steps are necessary.

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

Related for 2A154FA8D34017E50CF35433C3DE4641EF2E92450EBD25CEF33FAD6C26916BCE