Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester

2021-03-2619:36:22

www.ibm.com

ibm java sdk

ibm java runtime

rational service tester

cve-2020-14797

versions 9.1

9.2

9.5

vulnerabilities

libraries component

EPSS

0.002

Percentile

61.5%

JSON

Summary

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVEs.

Vulnerability Details

CVEID:CVE-2020-14797
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/190115 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
RST	9.1
RST	9.2
RST	9.5

Remediation/Fixes

Product	VRMF	APAR	Remediation/First Fix
RST	9.5	None	http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FRational+Service+Tester+for+SOA+Quality&fixids=Rational-RST-JavaPatch-Java8SR6FP25&source=SAR
RST	9.2	None	http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FRational+Service+Tester+for+SOA+Quality&fixids=Rational-RST-JavaPatch-Java8SR6FP25&source=SAR
RST	9.1	None	http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FRational+Service+Tester+for+SOA+Quality&fixids=Rational-RST-JavaPatch-Java8SR6FP25&source=SAR