5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
28.6%
There are multiple vulnerabilities in Open JDK Version 8, OpenJ9 used by Rational Functional Tester (RFT). RFT has addressed the applicable CVEs.
CVEID:CVE-2023-22067
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the CORBA component could allow a remote attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/268928 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID:CVE-2023-22081
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact, no integrity impact, and low availability impact.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/268929 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Affected Product(s) | Version(s) |
---|---|
Rational Functional Tester (RFT) | RFT 10.0 |
Rational Functional Tester (RFT) | RFT 10.1 |
Rational Functional Tester (RFT) | RFT 10.2 |
Rational Functional Tester (RFT) | RFT 10.5 |
DevOps Test UI (Test UI) | Test UI 11.0 |
Download the JDK appropriate for your platform in order to manually replace the JDK.
Note: Please take backup of existing _${RFTinstallLocation}/_jdk folder.
Additional steps for Mac OS:
Run below commands
chmod -R +x ${RFTinstallLocation}/jdk/Contents/Home/bin
chmod -R +x ${RFTinstallLocation}/jdk/Contents/Home/jre/bin
chmod -R +x ${RFTinstallLocation}/jdk/Contents/Home/jre/lib/jspawnhelper
chmod -R +x ${RFTinstallLocation}/jdk/Contents/Home/jre/lib/*.dylib
rm -f ${RFTinstallLocation}/jdk/Contents/MacOS/libjli.dylib
ln -s ${RFTinstallLocation}/jdk/Contents/Home/jre/lib/jli/libjli.dylib ${RFTinstallLocation}/jdk/Contents/MacOS/libjli.dylib
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm devops test ui | eq | 10.0 | |
ibm devops test ui | eq | 11.0 |
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
28.6%