There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 6 that is used by Rational Directory Server. These issues were disclosed as part of the IBM Java SDK updates in October 2014 and January 2015.
CVEID: CVE-2014-6457
Description: An unspecified vulnerability related to the JSSE component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/97148> for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
CVEID: CVE-2014-6593
Description: An unspecified vulnerability related to the JSSE component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4 CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/100153> for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
Product
| Version
—|—
Rational Directory Server (Tivoli) | 5.2 - 5.2.1_iFix004
Rational Directory Server (Apache)| 5.1.1 - 5.1.1.2_iFix005
Rational Directory Administrator| 6.0 - 6.0.0.1_iFix01
Product | Download link |
---|---|
IBM Rational Directory Server 5.2 (Tivoli) and above | RDS 5.2.1 iFix005 |
IBM Rational Directory Server 5.1.1 (Apache) and above | RDS 5.1.1.2 iFix006 |
IBM Rational Directory Administrator 6.0 and above | RDA 6.0.0.2 |
None