Lucene search

K
ibmIBM5248AAFD10279FA07559D9F0641E0B2E4971009443F7A978B3CE1589E7F3C957
HistoryJun 16, 2023 - 6:56 p.m.

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester

2023-06-1618:56:39
www.ibm.com
5
ibm java sdk
ibm java runtime
rational performance tester
cve-2022-21628
cve-2022-21626
cve-2022-21624
cve-2022-21619
denial of service
security component fix
java patch.

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

59.5%

Summary

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable CVEs.

Vulnerability Details

**CVEID:**CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238623 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

**CVEID:**CVE-2022-21626 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238689 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

**CVEID:**CVE-2022-21624 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238699 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

**CVEID:**CVE-2022-21619 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238698 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
RPT 9.5

Remediation/Fixes

Product VRMF APAR Remediation//First Fix
RPT 9.5 None https://www.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=Rational-RPT-JavaPatch-Java8SR7FP20&continue=1&source=SAR

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmrational_performance_testerMatch9.2
OR
ibmrational_performance_testerMatch9.5
OR
ibmrational_performance_testerMatch10.0
OR
ibmrational_performance_testerMatch10.1
OR
ibmrational_performance_testerMatch10.2
VendorProductVersionCPE
ibmrational_performance_tester9.2cpe:2.3:a:ibm:rational_performance_tester:9.2:*:*:*:*:*:*:*
ibmrational_performance_tester9.5cpe:2.3:a:ibm:rational_performance_tester:9.5:*:*:*:*:*:*:*
ibmrational_performance_tester10.0cpe:2.3:a:ibm:rational_performance_tester:10.0:*:*:*:*:*:*:*
ibmrational_performance_tester10.1cpe:2.3:a:ibm:rational_performance_tester:10.1:*:*:*:*:*:*:*
ibmrational_performance_tester10.2cpe:2.3:a:ibm:rational_performance_tester:10.2:*:*:*:*:*:*:*

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

59.5%

Related for 5248AAFD10279FA07559D9F0641E0B2E4971009443F7A978B3CE1589E7F3C957