Lucene search

K
ibmIBM4B79D8EB462A55A962C272FC6E71910088E63C9F67E0839F26A4A73F042A12DF
HistoryJun 17, 2018 - 4:46 a.m.

Security Bulletin: Vulnerabilities in ClearCase OpenSSL Component (CVE-2013-0169, CVE-2012-2686, CVE-2013-0166)

2018-06-1704:46:06
www.ibm.com
14

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

Summary

The OpenSSL component shipped as a part of IBM Rational ClearCase has issued a security advisory. This component is used in making SSL connections in the base CC/CQ integration and in making SSL connections via user Perl modules. On the UNIX/Linux platforms, OpenSSL can also be used by the UCM/CQ integration.

Vulnerability Details

| Subscribe to My Notifications to be notified of important product support alerts like this.

  • Follow this link for more information (requires login with your IBM ID)
    —|—

CVE ID:CVE-2013-0169
**Description:**This vulnerability is listed in the OpenSSL security advisory located at http://www.openssl.org/news/secadv_20130205.txt

CVSS Base Score: 4.3 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902&gt; *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVE ID:CVE-2013-0166
**Description:**This vulnerability is listed in the OpenSSL security advisory located at http://www.openssl.org/news/secadv_20130205.txt

CVSS Base Score: 5 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81904&gt; for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE ID:CVE-2012-2686
**Description:**This vulnerability is listed in the OpenSSL security advisory located at http://www.openssl.org/news/secadv_20130205.txt

CVSS Base Score: 5 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81903&gt; for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Affected Products and Versions

Rational ClearCase versions prior to 8.0.0.7, or 7.1.2.11

Remediation/Fixes

Upgrade to one of the following releases:

Workarounds and Mitigations

None

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P