Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM15E5B71ACD8F825980E0777DD552514D667555BF1B6B940E499C389766649F84
HistoryJun 17, 2018 - 4:59 a.m.

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects Rational Directory Server (CVE-2014-6457, CVE-2014-6593)

2018-06-1704:59:51
www.ibm.com
13

EPSS

0.698

Percentile

98.0%

JSON

Summary

There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 6 that is used by Rational Directory Server. These issues were disclosed as part of the IBM Java SDK updates in October 2014 and January 2015.

Vulnerability Details

CVEID: CVE-2014-6457

Description: An unspecified vulnerability related to the JSSE component has partial confidentiality impact, partial integrity impact, and no availability impact.

CVSS Base Score: 4 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/97148&gt; for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)

CVEID: CVE-2014-6593

Description: An unspecified vulnerability related to the JSSE component has partial confidentiality impact, partial integrity impact, and no availability impact.

CVSS Base Score: 4 CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/100153&gt; for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)

Affected Products and Versions

Product

| Version
—|—
Rational Directory Server (Tivoli) | 5.2 - 5.2.1_iFix004
Rational Directory Server (Apache)| 5.1.1 - 5.1.1.2_iFix005
Rational Directory Administrator| 6.0 - 6.0.0.1_iFix01

Remediation/Fixes

Product Download link
IBM Rational Directory Server 5.2 (Tivoli) and above RDS 5.2.1 iFix005
IBM Rational Directory Server 5.1.1 (Apache) and above RDS 5.1.1.2 iFix006
IBM Rational Directory Administrator 6.0 and above RDA 6.0.0.2

Workarounds and Mitigations

None

Related

ibm 128
packetstorm 2
debiancve 2
veracode 4
vmware 2
threatpost 1
nvd 3
cvelist 2
prion 2
metasploit 1
ubuntucve 2
kaspersky 1
cve 3
zdt 2
openvas 10
nessus 19
exploitdb 1
f5 2
redhat 5
oraclelinux 2
osv 1
debian 2
centos 1
amazon 1
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Service Tester (CVE-2014-3566, CVE-2014-6457, CVE-2014-6593, CVE-2015-0410)
2018-06-17 05:00:45
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Performance Tester (CVE-2014-3566, CVE-2014-6457, CVE-2014-6593, CVE-2015-0410)
2018-06-17 05:00:45
Security Bulletin: Vulnerability in IBM Java SDK affects IBM SONAS (CVE-2014-6593)
2018-06-18 00:09:22
packetstorm
packetstorm
Java Secure Socket Extension (JSSE) SKIP-TLS
2015-11-06 00:00:00
Java Secure Socket Extension (JSSE) SKIP-TLS MITM Proxy
2015-08-12 00:00:00
debiancve
debiancve
CVE-2014-6593
2015-01-21 15:28:29
CVE-2014-6457
2014-10-15 15:55:07
veracode
veracode
Authorization Bypass
2019-05-02 05:07:16
Man-in-the-Middle (MitM)
2019-01-15 09:02:24
Privilege Escalation
2019-05-02 05:12:51
vmware
vmware
VMware product updates address critical information disclosure issue in JRE.
2015-04-02 00:00:00
VMware product updates address critical information disclosure issue in JRE
2015-04-02 00:00:00
threatpost
threatpost
VMware Fixes Java Information Disclosure Vulnerability
2015-04-03 11:03:15
nvd
nvd
CVE-2014-6593
2015-01-21 15:28:29
CVE-2014-6457
2014-10-15 15:55:07
CVE-2015-6593
2015-05-30 19:59:10
cvelist
cvelist
CVE-2014-6593
2015-01-21 15:00:00
CVE-2014-6457
2014-10-15 15:15:00
prion
prion
Design/Logic Flaw
2014-10-15 15:55:00
Design/Logic Flaw
2015-01-21 15:28:00
metasploit
metasploit
Java Secure Socket Extension (JSSE) SKIP-TLS MITM Proxy
2015-06-09 02:41:17
ubuntucve
ubuntucve
CVE-2014-6593
2015-01-21 00:00:00
CVE-2014-6457
2014-10-15 00:00:00
kaspersky
kaspersky
KLA10530 JRE update for multiple VMware products
2015-04-02 00:00:00
cve
cve
CVE-2014-6593
2015-01-21 15:28:29
CVE-2014-6457
2014-10-15 15:55:07
CVE-2015-6593
2015-05-30 19:59:10
zdt
zdt
Java Secure Socket Extension (JSSE) SKIP-TLS
2015-11-05 00:00:00
Java Secure Socket Extension (JSSE) SKIP-TLS MITM Proxy Exploit
2015-08-13 00:00:00
openvas
openvas
VMware NSX updates address critical information disclosure issue in JRE (VMSA-2015-0003)
2015-10-27 00:00:00
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 (Oct 2014) - Linux
2014-10-20 00:00:00
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 (Oct 2014) - Windows
2014-10-20 00:00:00
nessus
nessus
VMware vSphere Update Manager Java Vulnerability (VMSA-2015-0003)
2015-05-01 00:00:00
IBM WebSphere Application Server 7.0 < Fix Pack 37 Multiple Vulnerabilities (POODLE)
2015-03-17 00:00:00
Oracle JRockit R27.8.3 / R28.3.3 Multiple Vulnerabilities (October 2014 CPU)
2014-10-15 00:00:00
exploitdb
exploitdb
JSSE - SKIP-TLS
2015-11-05 00:00:00
f5
f5
SOL16353 - Multiple JavaSE server-side vulnerabilities CVE-2015-0383, CVE-2015-0410, and CVE-2014-6593
2015-04-02 00:00:00
K16353 : Multiple JavaSE server-side vulnerabilities CVE-2015-0383, CVE-2015-0410, and CVE-2014-6593
2015-04-02 00:00:00
redhat
redhat
(RHSA-2015:0136) Important: java-1.5.0-ibm security update
2015-02-05 00:00:00
(RHSA-2014:1881) Important: java-1.5.0-ibm security update
2014-11-20 00:00:00
(RHSA-2014:1634) Important: java-1.6.0-openjdk security and bug fix update
2014-10-14 00:00:00
oraclelinux
oraclelinux
java-1.7.0-openjdk security and bug fix update
2014-10-15 00:00:00
java-1.7.0-openjdk security and bug fix update
2014-10-15 00:00:00
osv
osv
openjdk-7 - security update
2014-11-29 00:00:00
debian
debian
[SECURITY] [DSA 3080-1] openjdk-7 security update
2014-11-29 12:43:45
[SECURITY] [DSA 3077-1] openjdk-6 security update
2014-11-26 19:10:21
centos
centos
java security update
2014-10-15 11:48:47
amazon
amazon
Important: java-1.7.0-openjdk
2014-10-16 22:16:00

EPSS

0.698

Percentile

98.0%

JSON
Related for 15E5B71ACD8F825980E0777DD552514D667555BF1B6B940E499C389766649F84
ibm128packetstorm2debiancve2veracode4vmware2threatpost1nvd3cvelist2prion2metasploit1ubuntucve2kaspersky1cve3zdt2openvas10nessus19exploitdb1f52redhat5oraclelinux2osv1debian2centos1amazon1