7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
A vulnerability in relation to SSL/TLS Handshake Processing has been discovered related to the SSLV3 Session Resumption when using SSLV2.
| Subscribe to My Notifications to be notified of important product support alerts like this.
Description: A vulnerability in relation to SSL/TLS Handshake Processing has been discovered related to the SSLV3 Session Resumption when using SSLV2.
CVSS Base Score: 7.8 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/88939> for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
IBM Rational ClearCase, CCRC WAN server component, releases 8.0.x, 7.1.x, 7.0.x.
This vulnerability only applies to the WAN server component, not to other parts of IBM Rational ClearCase.
Update your CCRC WAN server system to a newer version of IBM HTTP Server.
Set SSL server configuration options as described in IHS security bulletin 1659548.