Lucene search

K
ibmIBM673890733653CDC1F2BE7C4661382BEC98F1365E9FE48B17230EF2CF4B722E6B
HistoryJun 29, 2020 - 3:23 p.m.

Security Bulletin: Security vulnerability in Java SE affects Rational Build Forge (CVE-2019-2949)

2020-06-2915:23:11
www.ibm.com
25

0.001 Low

EPSS

Percentile

45.1%

Summary

Java SE that is used by IBM Rational Build Forge has a security vulnerability. IBM Rational Build Forge has addressed the applicable CVE.

Vulnerability Details

CVEID:CVE-2019-2949
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Kerberos component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/169254 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Rational Build Forge 8.0.0.15.

Remediation/Fixes

You must download the fix pack specified in the following table and apply it. Affected Supporting Product(s) Remediation/Fix
IBM Rational Build Forge 8.0.0.15 Download IBM Rational Build Forge 8.0.0.16.

Workarounds and Mitigations

None