IBMAAA4733E548388B933C5FBCDCA4EFEA642E359C79EA119CE1225DE33E6D4A575Security Bulletin: A security vulnerability has been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2016-3427)
9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Summary
Jazz Team Server is shipped as a component of Jazz Reporting Service (JRS). Information about a security vulnerabilities affecting Jazz Team Server and Jazz-based products has been published in a security bulletin.
Vulnerability Details
Consult the security bulletin Security Bulletin: Vulnerability in IBM® Java SDK affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-3427) for vulnerability details and information about fixes.
Affected Products and Versions
Principal Product and Version(s)
| Affected Supporting Product(s) and Version(s)
—|—
JRS 5.0, 5.0.1, and 5.0.2| Jazz Foundation 5.0, 5.0.1, 5.0.2
JRS 6.0, 6.0.1, and 6.0.2| Jazz Foundation 6.0, 6.0.1, 6.0.2
- Both JRS and Jazz Foundation are part of Rational Collaborative Lifecycle Management.
Related
9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C