4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
GSKit is an IBM component that is used by IBM Rational RequisitePro. The GSKit that is shipped with IBM Rational RequisitePro contains a security vulnerability. IBM Rational RequisitePro has addressed the applicable CVEs.
CVEID: CVE-2015-1788**
DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an error when processing an ECParameters structure over a specially crafted binary polynomial field. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/103778 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Version
|
Status
—|—
7.1.4 through 7.1.4.8
|
Affected
7.1.3 through 7.1.3.15
|
Affected
Affected version
|
Applying the fix
—|—
7.1.4.x
|
Install Rational RequisitePro Fix Pack 9 (7.1.4.9) for 7.1.4
7.1.3.x
|
Install Rational RequisitePro Fix Pack 16 (7.1.3.16) for 7.1.3
None