5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Apache HTTP Server has a security vulnerability that can lead to a denial of service (DOS) attack. To avoid this issue in IBM Rational Build Forge, you should use the latest version Apache HTTP Server which contains the fix for this problem.
| Subscribe to My Notifications to be notified of important product support alerts like this.
CVE-ID:CVE-2014-0098
Description: Apache HTTP Server is vulnerable to a denial of service. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the service to crash.
CVSS Base Score: 5 **CVSS Temporal Score: **See <https://exchange.xforce.ibmcloud.com/vulnerabilities/91879> for the current score. *CVSS Environmental Score:**Undefined **CVSS Vector: **(AV:N/AC:L/Au:N/C:N/I:N/A:P)
IBM Rational Build Forge versions 7.1.1, 7.1.2, 7.1.3, and 8.0.
Apply the correct fix pack or iFix for your version of Build Forge:
Affected Version | Fix |
---|---|
Build Forge 7.1.1.0 - 7.1.1.4 | 7.1.1.4 iFix1 (not released yet) |
Note: If you need 7.1.1.4 iFix1, contact IBM support
Build Forge 7.1.2.0 - 7.1.2.3| 7.1.2.3 iFix1 (not released yet)
Note: If you need 7.1.2.3 iFix1, contact IBM support
Build Forge 7.1.3.0 - 7.1.3.5 iFix1| 7.1.3.5 iFix2 (not released yet)
Note: If you need 7.1.3.5 iFix2, contact IBM support
Build Forge 8.0.0.0 - 8.0.0.1| Rational Build Forge Fix Pack 2 (8.0.0.2) for 8.0
Upgrade the Apache HTTP or disable the mod_log_config module.