Lucene search

K
ibmIBM9B651965662FB4BB7669237110855869D79C7DB4430BED93C0FA89B297B71879
HistorySep 29, 2018 - 8:06 p.m.

Security Bulletin: Vulnerability in Rational Functional Tester versions 8.5.1 and earlier due to security vulnerability in IBM JRE 7.0 Service Release 5 or earlier (CVE-2013-5772)

2018-09-2920:06:32
www.ibm.com
5

0.007 Low

EPSS

Percentile

80.8%

Summary

A security vulnerability exists in the Java Runtime Environments (JREs) IBM JRE 7.0 Service Release 5 or earlier that can affect the security of Rational Functional Tester (RFT).

Vulnerability Details

| Subscribe to My Notifications to be notified of important product support alerts like this.

  • Follow this link for more information (requires login with your IBM ID)
    —|—

CVEID:CVE-2013-5772

Description: Remote attackers can affect integrity via unknown vectors related to jhat.

CVSS Base Score: 2.6 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/88007&gt; for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV/N:AC/H:Au/N:C/N:I/P:A/N)

Affected Products and Versions

Rational Functional Tester version 8.5.1 and earlier that shipped with IBM 7.0 Service Release 5 or earlier are affected.

Remediation/Fixes

Upgrade to Rational Functional Tester 8.5.1.1 which ships with IBM Java 7.0 Service Release 6 and addresses this security issue.

If you do not want to upgrade to 8.5.1.1, download the IBM 7.0 Service Release 6 from the IBM Java website and configure RFT to use it.

Workarounds and Mitigations

None