4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
Flaws in the Java runtime Secure Sockets implementation may expose CCRC communications to an attacker.
| Subscribe to My Notifications to be notified of important product support alerts like this.
CVEID: CVE-2014-4263
Description: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/94606> for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
CVEID: CVE-2014-4244
Description: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/94605> for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
Only the ClearCase Remote Client/ClearTeam Explorer component of ClearCase is affected.
ClearCase Remote Client/ClearTeam Explorer version
|
Status
—|—
8.0.1 through 8.0.1.5
|
Affected
8.0 through 8.0.0.12
|
Affected
7.1.2 through 7.1.2.15
|
Affected
7.1.0.x, 7.1.1.x (all versions and fix packs)
|
Affected
7.0.x
|
Not affected
The solution is to upgrade to a newer fix pack of ClearCase. Please see below for information on the fixes available.
Affected Versions
|
** Applying the fix**
—|—
8.0.1.x
| Install Rational ClearCase Fix Pack 6 (8.0.1.6)
8.0.0.x
| Install Rational ClearCase Fix Pack 13 (8.0.0.13)
7.1.2.x
7.1.1.x
7.1.0.x
| Customers with extended support contracts should install Rational ClearCase Fix Pack 16 (7.1.2.16)
Notes:
None