Lucene search

IBMC554610A45CFB59FC9170B2C6DC1F2A4D4CC84198B97CDEDD371BDC99D66F824

HistoryJul 29, 2022 - 8:18 p.m.

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Performance Tester (CVE-2021-35603)

2022-07-2920:18:49

www.ibm.com

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

44.5%

JSON

Summary

A vulnerability in IBM SDK Java Version 1.8 and IBM Runtime Environment Java Version 1.8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable CVE.

Vulnerability Details

CVEID:CVE-2021-35603
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/211676 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
RPT	9.5

Remediation/Fixes

Product	VRMF	APAR	Remediation/Fix
RPT	9.5	None	http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FRational+Performance+Tester&fixids=Rational-RPT-JavaPatch-Java8SR7FP10&source=SAR

Workarounds and Mitigations

None

CPENameOperatorVersion
rational performance testereq9.5

CPE	Name	Operator	Version
	rational performance tester	eq	9.5

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

44.5%

JSON

Related for C554610A45CFB59FC9170B2C6DC1F2A4D4CC84198B97CDEDD371BDC99D66F824