IBMD4DE6F675B18A8F615B3BC54A8F5D96F0177D9CE5FAE8D336CA2EE2E2380DF9DSecurity Bulletin: Multiple vulnerabilities in IBM HTTP Server affect Rational Build Forge (CVE-2017-15710, CVE-2017-15715, CVE-2018-1301)
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Summary
There are multiple vulnerabilities in the IBM® HTTP Server used by the Web Application Server, where the IBM Rational Build Forge is hosted. These vulnerabilities affect the Rational Build Forge resulting in denial-of-service allowing a remote attacker to exploit the vulnerability.
Vulnerability Details
You must refer to the security bulletin listed in the Remediation/Fixes section…
Affected Products and Versions
Rational Build Forge 8.0.0.7.
Remediation/Fixes
You must refer to the following security bulletin for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS).
| Affected Version | Fix |
|---|---|
| IBM HTTP Server | Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server (CVE-2017-15710, CVE-2017-15715, CVE-2018-1301). |
Workarounds and Mitigations
None.
Related
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P