Lucene search

K
ibmIBME35B3BFF26EE49538A5E52DCE95E046C70D680FA622448F3D6FE654C3E6D6A09
HistoryJun 17, 2018 - 5:06 a.m.

Security Bulletin: Security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational RequisitePro (CVE-2015-1283, CVE-2015-4947, CVE-2015-3183)

2018-06-1705:06:16
www.ibm.com
5

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

Summary

IBM WebSphere Application Server is shipped as a component of IBM Rational RequisitePro. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Please consult these security bulletins:

Affected Products and Versions

Rational RequisitePro 7.1.x.x

This vulnerability affects the RequisiteWeb component.

Remediation/Fixes

Review the security bulletin referenced above and apply the relevant fixes to your WAS installation used for RequisiteWeb.

Affected Versions

|

** Applying the fix**

—|—
7.1.0.x, 7.1.1.x, and 7.1.2.x| Document 1390803 explains how to update WebSphere Application Server for RequisiteWeb. Consult those instructions when applying the fix.
7.1.3.x
7.1.4.x| Apply the appropriate WebSphere Application Server fix directly to your RequisiteWeb server host. No RequisiteWeb-specific steps are necessary.

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C