7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
WebSphere Application Server Test Environment (WAS TE) from IBM Rational Application Developer for WebSphere Software is shipped with Rational Business Developer. The WAS TE is affected by a classloader manipulation vulnerability in Apache Struts. Information about the security vulnerability affecting Rational Application Developer has been published in a security bulletin.
| Subscribe to My Notifications to be notified of important product support alerts like this.
Review the security bulletin ClassLoader manipulation with Apache Struts in WebSphere Application Server affecting Rational Application Developer (CVE-2014-0114) for vulnerability details.
Version 9.1.0 and earlier of Rational Business Developer are affected.
Product
| VRMF|APAR|Fix
—|—|—|—
Rational Business Developer| 7.5.x and 8.0.x| PI18804|
For WAS TE versions v6.1.0.0 through to v6.1.0.47, apply WebSphere Application Server 6.1 Test Environment Update 6.1.0.47u2
For WAS TE versions v7.0.0.0 through to v7.0.0.31 , apply WebSphere Application Server 7.0 Test Environment Extension 7.0.0.31u1
Rational Business Developer| 8.5.x and 9.x| PI18804|
For WAS TE versions v7.0.0.0 through to v7.0.0.31 , apply WebSphere Application Server 7.0 Test Environment Extension 7.0.0.31u1
None