CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
60.3%
Spring Framework is vulnerable to a security issue affecting Rational Test Control Panel
CVEID:CVE-2022-22971
**DESCRIPTION:**Vmware Tanzu Spring Framework is vulnerable to a denial of service, caused by a flaw with a STOMP over WebSocket endpoint. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/226492 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
Rational Test Control Panel component in Rational Test Virtualization Server | 9.2.1.1, 9.5, 10.0.2.1, 10.1.3, 10.2.3, 10.5.0 |
Rational Test Control Panel component in Rational Test Workbench | 9.2.1.1, 9.5, 10.0.2.1, 10.1.3, 10.2.3, 10.5.0 |
C:\Program Files\IBM\RationalTestControlPanel\
AIX, Linux, Solaris: /opt/IBM/RationalTestControlPanel/
RationalTestControlPanel
directory, overwriting the existing files.None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | rational_test_workbench | 9.2 | cpe:2.3:a:ibm:rational_test_workbench:9.2:*:*:*:*:*:*:* |
ibm | rational_test_workbench | 9.5 | cpe:2.3:a:ibm:rational_test_workbench:9.5:*:*:*:*:*:*:* |
ibm | rational_test_workbench | 10.0 | cpe:2.3:a:ibm:rational_test_workbench:10.0:*:*:*:*:*:*:* |
ibm | rational_test_workbench | 10.1 | cpe:2.3:a:ibm:rational_test_workbench:10.1:*:*:*:*:*:*:* |
ibm | rational_test_workbench | 10.2 | cpe:2.3:a:ibm:rational_test_workbench:10.2:*:*:*:*:*:*:* |
ibm | rational_test_workbench | 10.5 | cpe:2.3:a:ibm:rational_test_workbench:10.5:*:*:*:*:*:*:* |
ibm | rational_test_virtualization_server | 9.2 | cpe:2.3:a:ibm:rational_test_virtualization_server:9.2:*:*:*:*:*:*:* |
ibm | rational_test_virtualization_server | 9.5 | cpe:2.3:a:ibm:rational_test_virtualization_server:9.5:*:*:*:*:*:*:* |
ibm | rational_test_virtualization_server | 10.0 | cpe:2.3:a:ibm:rational_test_virtualization_server:10.0:*:*:*:*:*:*:* |
ibm | rational_test_virtualization_server | 10.1 | cpe:2.3:a:ibm:rational_test_virtualization_server:10.1:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
60.3%