The Rational Insight is shipped with a version of the Apache Tomcat web server which contains a security vulnerability that could have a potential security impact.
CVEID: CVE-2014-0230**
DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by missing limitations on request body size. By sending a specially crafted request to the server, an attacker could keep a connection open and force Tomcat to keep a processing thread allocated to the connection.
CVSS Base Score: 5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/102131> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Rational Insight 1.1, 1.1.1, 1.1.1.1, 1.1.1.2, 1.1.1.3, 1.1.1.4, 1.1.1.5, 1.1.1.6 and 1.1.1.7
Apply the recommended fixes to all affected versions of Rational Insight.
Rational Insight 1.1
Rational Insight 1.1.1, 1.1.1.1 and 1.1.1.2
Rational Insight 1.1.1.4 and 1.1.1.5 and 1.1.1.6 and 1.1.1.7
None