6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
38.5%
libcURL vulnerabilities were disclosed by the libcURL Project. libcURL is used by IBM Rational ClearCase. CVE-2023-23916
CVEID:CVE-2023-23916
**DESCRIPTION:**cURL libcurl is vulnerable to a denial of service, caused by a flaw in the decompression chain implementation. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause memory errors, and results in a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/247437 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Rational ClearCase | 9.1 |
IBM Rational ClearCase | 9.0.2 |
Apply a fix pack as listed in the table below.
Affected Versions
|
Applying the fix
โ|โ
9.1 through 9.1.0.4| Install Rational ClearCase Fix Pack 5 (9.1.0.5) for 9.1
9.0.2 through 9.0.2.7| Install Rational ClearCase Fix Pack 8 (9.0.2.8) for 9.0.2
For 9.0.2.X and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product.
_For 10.0.0.x releases, IBM recommends upgrading to 10.0.1.x release. _
None
CPE | Name | Operator | Version |
---|---|---|---|
rational clearcase | eq | 8.0.0 | |
rational clearcase | eq | 8.0.1 | |
rational clearcase | eq | 9.0.0 | |
rational clearcase | eq | 9.0.1 | |
rational clearcase | eq | 9.0.2 | |
rational clearcase | eq | 9.1 |
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
38.5%