IBMCF48CF2E4C992D03050AD1B86709314A91AFBCF3E0EBBD84A154D83BCFCA4496Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Administrator (CVE-2015-0488, CVE-2015-1916)
0.063 Low
EPSS
Percentile
93.7%
Summary
There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 6 that is used by Rational Directory Administrator. These issues were disclosed as part of the IBM Java SDK updates in April 2015.
Vulnerability Details
CVEID:CVE-2015-0488**
DESCRIPTION: *An unspecified vulnerability related to the JSSE component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/102336> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVEID: CVE-2015-1916**
DESCRIPTION: *Server applications which use the IBM Java Secure Socket Extension provider to accept SSL/TLS connections are vulnerable to a denial of service attack due to an unspecified vulnerability.
CVSS Base Score: 5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101995> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Affected Products and Versions
Product
| Version
—|—
Rational Directory Administrator| 6.0 - 6.0.0.2_iFix02
Remediation/Fixes
Product
| Download link
—|—
IBM Rational Directory Administrator 6.0 and above| RDA 6.0.0.2 iFix03
Workarounds and Mitigations
None
Related
0.063 Low
EPSS
Percentile
93.7%