Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM7FF45820CCD060292FD773B854DF8451AF94C4EE52690458EB61DECBEEF0C566
HistoryJul 26, 2023 - 6:18 a.m.

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server used by IBM Rational ClearQuest (CVE-2023-32342)

2023-07-2606:18:53
www.ibm.com
19
ibm rational clearquest
http server
vulnerability
security bulletin
ibm websphere application server
fixes

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

41.3%

JSON

Summary

IBM HTTP server is used by the IBM Rational ClearQuest server and web components. Information about a security vulnerability affecting HTTP server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
IBM Rational ClearQuest 9.0.1
IBM Rational ClearQuest 9.0.2
IBM Rational ClearQuest 9.1
IBM Rational ClearQuest 10.0

Remediation/Fixes

Refer to the following security bulletin(s) for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS), which is used by IBM Rational ClearQuest.

Principal Product and Version(s) Affected Supporting Product and Version Affected Supporting Product Security Bulletin
IBM Rational ClearQuest, versions 9.0.1.x, 9.0.2.x, 9.1.x, 10.0.x IBM HTTP Server versions 8.5 and 9.0

Security Bulletin: IBM HTTP Server is vulnerable to information disclosure due to IBM GSKit. (CVE-2023-32342)

ClearQuest Versions

|

Applying the fix

—|—
9.0.1.x, 9.0.2.x, 9.1.x, 10.0.x| Apply the appropriate IBM WebSphere Application Server fix (see bulletin link above) directly to your CM server host. No ClearQuest-specific steps are necessary.

For 9.0.0.x, 8.0.1.x, 8.0.0.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product.

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmrational_clearquestMatch8.0.0
OR
ibmrational_clearquestMatch8.0.1
OR
ibmrational_clearquestMatch9.0.0
OR
ibmrational_clearquestMatch9.0.1
OR
ibmrational_clearquestMatch9.0.2
VendorProductVersionCPE
ibmrational_clearquest8.0.0cpe:2.3:a:ibm:rational_clearquest:8.0.0:*:*:*:*:*:*:*
ibmrational_clearquest8.0.1cpe:2.3:a:ibm:rational_clearquest:8.0.1:*:*:*:*:*:*:*
ibmrational_clearquest9.0.0cpe:2.3:a:ibm:rational_clearquest:9.0.0:*:*:*:*:*:*:*
ibmrational_clearquest9.0.1cpe:2.3:a:ibm:rational_clearquest:9.0.1:*:*:*:*:*:*:*
ibmrational_clearquest9.0.2cpe:2.3:a:ibm:rational_clearquest:9.0.2:*:*:*:*:*:*:*

Related

ibm 32
prion 1
cnvd 1
nessus 1
cve 1
cvelist 1
nvd 1
ibm
ibm
Security Bulletin: IBM HTTP Server is vulnerable to information disclosure due to IBM GSKit (CVE-2023-32342)
2023-05-24 20:08:05
Security Bulletin: Timing in RSA Decryption vulnerability might affect GSKit supplied with IBM TXSeries for Multiplatforms
2023-09-08 12:04:34
Security Bulletin: CVE-2023-32342 may affect GSKit shipped with IBM CICS TX Advanced
2023-07-19 13:29:09
prion
prion
Design/Logic Flaw
2023-05-30 22:15:00
cnvd
cnvd
IBM Global Security Kit Encryption Issues Vulnerability
2023-06-01 00:00:00
nessus
nessus
IBM HTTP Server 8.5.0.0 < 8.5.5.24 / 9.0.0.0 < 9.0.5.16 Information Disclosure (6998037)
2023-10-19 00:00:00
cve
cve
CVE-2023-32342
2023-05-30 22:15:10
cvelist
cvelist
CVE-2023-32342 IBM GSKit information disclosure
2023-05-30 21:03:25
nvd
nvd
CVE-2023-32342
2023-05-30 22:15:10

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

41.3%

JSON
Related for 7FF45820CCD060292FD773B854DF8451AF94C4EE52690458EB61DECBEEF0C566
ibm32prion1cnvd1nessus1cve1cvelist1nvd1