Lucene search
IBM98E9E837D320AD952261A8F94B6CD79812949378F615F0BE9E71A0D015D5F595HistorySep 28, 2022 - 12:58 p.m.
Security Bulletin: Rational Service Tester contains a vulnerability which could affect Eclipse Jetty. Rational Service Tester has taken steps to mitigate this vulnerability.
2022-09-2812:58:06
www.ibm.com
9
Summary
Eclipse Jetty contains a vulnerability that may allow a remote attacker to exploit this vulnerability to consume CPU that remains high even without any traffic.
Vulnerability Details
**IBM X-Force ID:**230016
**DESCRIPTION:**Eclipse Jetty is vulnerable to a denial of service, caused by an error related to some of the production servers spiking with CPU use. A remote attacker could exploit this vulnerability to consume CPU that remains high even without any traffic.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/230016 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| RST | 9.2 |
| RST | 10.0 |
| RST | 9.5 |
| RST | 10.1 |
| RST | 10.2 |
Remediation/Fixes
Updating to Rational Service Tester version 10.5 is strongly recommended.
| Product | VRMF | APAR | Remediation/First Fix |
|---|---|---|---|
| RST | 10.2 | None | <https://download4.boulder.ibm.com/sar/CMA/RAA/0atii/0/PSIRT58763_RPT-RST-ifix.zip> |
| RST | 10.1 | None | <https://download4.boulder.ibm.com/sar/CMA/RAA/0atii/0/PSIRT58763_RPT-RST-ifix.zip> |
| RST | 10.0 | None | <https://download4.boulder.ibm.com/sar/CMA/RAA/0atii/0/PSIRT58763_RPT-RST-ifix.zip> |
| RST | 9.5 | None | <https://download4.boulder.ibm.com/sar/CMA/RAA/0atii/0/PSIRT58763_RPT-RST-ifix.zip> |
| RST | 9.2 | None | <https://download4.boulder.ibm.com/sar/CMA/RAA/0atii/0/PSIRT58763_RPT-RST-ifix.zip> |
Workarounds and Mitigations
None