There is a potential security vulnerability in the Apache Tomcat used by Rational Build Forge.
CVEID: CVE-2017-15706**
DESCRIPTION:** Apache Tomcat could provide weaker than expected security, caused by the incorrect documentation of the CGI search algorithm used by the CGI Servlet to identify which script to execute. The error resulted in the failure of some scripts to execute as expected and other scripts may have been executed unexpectedly.**
CVSS Base Score**: 5.3 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/138486 for the current score. CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
IBM Rational Build Forge from 8.0.0.6.
You must download the Fix pack specified in the following table and apply it.
Affected Version |
Fix
—|—
Build Forge 8.0.0.6 |
Rational Build Forge 8.0.0.7 Download.
None.
CPE | Name | Operator | Version |
---|---|---|---|
rational build forge | eq | 8.0.0.6 |