Lucene search

K
ibmIBMA0ECE071B650D8F5EC02E601175D0E3683680641E4438CAB1D935DEB21EBDD49
HistoryFeb 04, 2020 - 4:40 p.m.

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server that is shipped with IBM Rational ClearQuest (CVE-2016-3092)

2020-02-0416:40:40
www.ibm.com
24

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

Summary

IBM WebSphere Application Server (WAS) is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting WAS has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section.

Affected Products and Versions

IBM Rational ClearQuest, ClearQuest CM Server component.

Versions 8.0.0.x, 8.0.1.x, 9.0.0.x:

This vulnerability only applies to the server component.

Versions 7.1.x.x: Not affected.

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS), which is shipped with IBM Rational ClearQuest.

Principal Product and Version(s) Affected Supporting Product and Version Affected Supporting Product Security Bulletin
IBM Rational ClearQuest, versions 8.0.0.x, 8.0.1.x, 9.0.0.x IBM WebSphere Application Server 8.5.5, 8.5, 8.0, and 7.0 Security Bulletin: Information Disclosure in IBM WebSphere Application Server (CVE-2016-3092)

ClearQuest Versions

|

** Applying the fix**

—|—
8.0.0.x, 8.0.1.x, 9.0.0.x| Apply the appropriate WebSphere Application Server fix directly to your CM server host. No ClearQuest-specific steps are necessary.

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

Related for A0ECE071B650D8F5EC02E601175D0E3683680641E4438CAB1D935DEB21EBDD49