3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.6%
There are multiple vulnerabilities in Open JDK Version 8, OpenJ9 used by Rational Functional Tester (RFT) / DevOps Test UI. RFT has addressed the applicable CVEs.
CVEID:CVE-2024-21085
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low availability impacts.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/288000 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:CVE-2024-21012
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Networking component could allow a remote attacker to cause high integrity impact.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/288019 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
Affected Product(s) | Version(s) |
---|---|
Rational Functional Tester (RFT) | RFT 10.0 |
Rational Functional Tester (RFT) | RFT 10.1 |
Rational Functional Tester (RFT) | RFT 10.2 |
Rational Functional Tester (RFT) | RFT 10.5 |
DevOps Test UI (Test UI) | Test UI 11.0 |
Download the correct version of JDK for your platform to manually replace the JDK.
Note: Please take a backup of the existing _${RFTinstallLocation}/_jdk folder.
Download the correct version of JRE for your platform to manually replace the JRE.
Note: Please take a backup of the existing _${DTUIinstallLocation}/_jre17/jre folder.
Additional steps for Mac OS:
Run the following commands:
chmod -R +x ${RFTinstallLocation}/jdk/Contents/Home/bin
chmod -R +x ${RFTinstallLocation}/jdk/Contents/Home/jre/bin
chmod -R +x ${RFTinstallLocation}/jdk/Contents/Home/jre/lib/jspawnhelper
chmod -R +x ${RFTinstallLocation}/jdk/Contents/Home/jre/lib/*.dylib
rm -f ${RFTinstallLocation}/jdk/Contents/MacOS/libjli.dylib
ln -s ${RFTinstallLocation}/jdk/Contents/Home/jre/lib/jli/libjli.dylib ${RFTinstallLocation}/jdk/Contents/MacOS/libjli.dylib
For DevOps Test UI 11.0.0 and later releases, run the following additional commands:
chmod -R +x ${TestUIinstallLocation}/jre17/jre/Contents/Home/bin
chmod -R +x ${TestUIinstallLocation}/jre17/jre/Contents/Home/lib/jspawnhelper
chmod -R +x ${TestUIinstallLocation}/jre17/jre/Contents/Home/lib/*.dylib
rm -f ${TestUIinstallLocation}/jre17/jre/Contents/MacOS/libjli.dylib
ln -s ${TestUIinstallLocation}/jre17/jre/Contents/Home/lib/jli/libjli.dylib ${TestUIinstallLocation}/jre17/jre/Contents/MacOS/libjli.dylib
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm rational functional tester | eq | 10.0 | |
ibm rational functional tester | eq | 11.0 |
3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.6%