30 matches found
Security Bulletin: Multiple Vulnerabilities in Rational Synergy
Summary Vulnerabilities in Eclipse Jetty shipped with Rational Synergy may affect the security of the product. Vulnerability Details CVEID:CVE-2024-22201 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by a flaw when an HTTP/2 connection gets TCP congested. By sending a...
Security Bulletin: Multiple Vulnerabilities in Rational Synergy 7.2.2 Fix Pack 05 and earlier versions.
Summary Vulnerabilities in the Jetty 9.4.48 and earlier component shipped with Rational Synergy may affect the security of the product. Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the...
Security Bulletin: Multiple Vulnerabilities in Rational Synergy 7.2.2.5
Summary Vulnerabilities in the Java Runtime Environment JRE 8.0.7.11 and earlier component shipped with Rational Synergy may affect the security of the product. Vulnerability Details CVEID:CVE-2023-21830 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component...
Security Bulletin: Multiple Vulnerabilities in Rational Synergy 7.2.2 Fix Pack 04 and earlier versions.
Summary Vulnerabilities in the Jetty 9.4.42 and earlier component shipped with Rational Synergy may affect the security of the product. Vulnerability Details CVEID:CVE-2022-2191 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by a flaw with SslConnection does not release...
Security Bulletin: Multiple Vulnerabilities in Rational Synergy 7.2.2.4
Summary Vulnerabilities in the Java Runtime Environment JRE 8.0.6.30 and earlier component shipped with Rational Synergy may affect the security of the product. Vulnerability Details CVEID:CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allo...
Security Bulletin: Vulnerability in Jasper, Version 8 Service Refresh 5 Fix Pack 33, used in Jetty Server 9.4.14 where Rational Synergy is deployed.
Summary A security vulnerability in Jasper, Version 8 Service Refresh 5 Fix Pack 33, used by Jetty versions 9.4.14 is affecting IBM Rational Synergy. Vulnerability Details CVEID: CVE-2020-27216 DESCRIPTION: Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on th...
Security Bulletin: Security vulnerability in IBM Java SDK affecting Rational Synergy (CVE-2019-4732)
Summary There is a security vulnerability in IBM® SDK Java™ Technology Edition, Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55 used by Rational Synergy versions 7.2.1.0 to 7.2.1.7. Rational Synergy has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-4732...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Rational Synergy
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.0.10.40 and Version 8.0.5.35 used by Rational Synergy versions 7.2.1.0 to 7.2.1.7. Rational Synergy has addressed the applicable CVEs. Vulnerability Details Rational Synergy has addressed the following: If...
Security Bulletin: Multiple vulnerabilities in Jasper used in Jetty 8.1.3 Server where Rational Synergy is deployed
Summary There are multiple vulnerabilities in Jasper, Version 2 Service Refresh 2 Fix Pack 2, used by Jetty 8.1.3 is affecting IBM Rational Synergy. Vulnerability Details The following are the list of vulnerabilities affecting IBM Rational Synergy: CVEID: CVE-2018-12538 DESCRIPTION: Eclipse Jetty...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Synergy (CVE-2016-3426)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 Service Refresh 16 Fix Pack 20 that is used by IBM Rational Synergy. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3426...
Security Bulletin: Rational Synergy vulnerability (CVE-2014-4263, CVE-2014-3068,CVE-2014-3566,CVE-2014-6457)
Summary A possible security vulnerability has been reported in the JSSE component of IBM Java shipped with Rational Synergy. Vulnerability Details CVE-ID: CVE-2014-4263 Description: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrit...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational Synergy
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6 Service Refresh 16 Fix Pack 50 and earlier releases used by IBM Rational Synergy. These issues were disclosed as part of the IBM Java SDK updates in October 2017 and January 2018. Vulnerability Details If you r...
Security Bulletin:Vulnerability in Diffie-Hellman ciphers affects Rational Synergy (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Rational Synergy Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey ...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Synergy (CVE-2016-0475 and CVE-2015-7575)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 Service Refresh 16 Fix Pack 15 and earlier releases that is used by Rational Synergy. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the...
Security Bulletin: Potential Denial of Service security vulnerability in Rational Synergy (CVE-2011-4461)
Summary Potential Denial of Service DoS security vulnerability in IBM Rational Synergy due to a Java HashTable security vulnerability in Jetty CVE-2011-4461. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for mo...
Security Bulletin: Multiple Vulnerabilities in Rational Synergy
Summary Vulnerabilities in the Java Runtime Environment JRE 6 SR10 and earlier component shipped with Rational Synergy may affect the security of the product. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for...
Security Bulletin: Open Redirect and Cross-Site Scripting Vulnerabilities in the Rational Synergy Help System (CVE-2012-2159, CVE-2012-2161)
Summary Some scripts in the help system used by IBM Rational Synergy are vulnerable to open redirect or cross-site scripting attacks. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires...
Security Bulletin: Unspecified Vulnerabilities in Rational Synergy (CVE-2012-0502,CVE-2012-0503,CVE-2012-0506,CVE-2012-0507,CVE-2011-3563,CVE-2012-0500,CVE-2012-0497,CVE-2012-0498,CVE-2012-0499,CVE-2012-0500,CVE-2012-0501,CVE-2012-0505,CVE-2011-5035)
Summary Vulnerabilities in the Java Runtime Environment JRE 6 update 32 and earlier component shipped with IBM Rational Synergy may affect the security of the product. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this...
Security Bulletin: Rational Synergy is affected by vulnerabilities (CVE-2014-5325 and CVE-2014-5326) in Java Open Source Direct Web Remoting library.
Summary The DOMConverter, JDOMConverter, DOM4JConverter, and XOMConverter functions in Direct Web Remoting DWR through 2.0.10 and 3.x through 3.0.RC2 allow remote attackers to read arbitrary files via DOM data containing an XML external entity declaration in conjunction with an entity reference,...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Synergy (CVE-2015-0138, CVE-2014-6593,CVE-2015-0410)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM Rational Synergy. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client...