Eclipse Jetty contains a vulnerability that may allow a remote attacker to exploit this vulnerability to consume CPU that remains high even without any traffic.
**IBM X-Force ID:**230016
**DESCRIPTION:**Eclipse Jetty is vulnerable to a denial of service, caused by an error related to some of the production servers spiking with CPU use. A remote attacker could exploit this vulnerability to consume CPU that remains high even without any traffic.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/230016 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
RST | 9.2 |
RST | 10.0 |
RST | 9.5 |
RST | 10.1 |
RST | 10.2 |
Updating to Rational Service Tester version 10.5 is strongly recommended.
Product | VRMF | APAR | Remediation/First Fix |
---|---|---|---|
RST | 10.2 | None | <https://download4.boulder.ibm.com/sar/CMA/RAA/0atii/0/PSIRT58763_RPT-RST-ifix.zip> |
RST | 10.1 | None | <https://download4.boulder.ibm.com/sar/CMA/RAA/0atii/0/PSIRT58763_RPT-RST-ifix.zip> |
RST | 10.0 | None | <https://download4.boulder.ibm.com/sar/CMA/RAA/0atii/0/PSIRT58763_RPT-RST-ifix.zip> |
RST | 9.5 | None | <https://download4.boulder.ibm.com/sar/CMA/RAA/0atii/0/PSIRT58763_RPT-RST-ifix.zip> |
RST | 9.2 | None | <https://download4.boulder.ibm.com/sar/CMA/RAA/0atii/0/PSIRT58763_RPT-RST-ifix.zip> |
None