IBMCB57FB832E7640B04C7CF10A1C2F98D21D573EF04C795A47645D7544CAFD1D62Security Bulletin: Multiple Vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation (CVE-2016-3574, CVE-2016-3575, etc)
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:C/I:P/A:P
Summary
IBM Rational DOORS Next Generation® is affected by multiple vulnerabilities in the Oracle Outside In Technology® that is used as a component.
Vulnerability Details
CVEID: CVE-2016-3574**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115143 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3575**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115144 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3576**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115145 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3577**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115146 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3578**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115147 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3579**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115148 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3580**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115149 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3581**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115150 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3582**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115151 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3583**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115152 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3590**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115153 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3591**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115154 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3592**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115155 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3593**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115156 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3594**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115157 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3595**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115158 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID: CVE-2016-3596**
DESCRIPTION:** An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has high confidentiality impact, low integrity impact, and low availability impact.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/115159 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
Affected Products and Versions
Rational DOORS Next Generation 6.0.2
Rational DOORS Next Generation 6.0.1
Rational DOORS Next Generation 6.0
Rational DOORS Next Generation 5.0.2
Releases prior to 5.0.2 are not affected.
Remediation/Fixes
For the 6.0.2 release, upgrade to version 6.0.2 iFix005 or later.
- Rational DOORS Next Generation 6.0.2 iFix005
For the 6.0.1 release, upgrade to version 6.0.2 with the latest iFix.
For the 6.0 release, upgrade to version 6.0.2 with the latest iFix.
For the 5.0.2 release, upgrade to version 5.0.2 iFix018 or later.
Workarounds and Mitigations
None
Related
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:C/I:P/A:P