Home Unlabelled IBM Security Bulletin: Rational Asset Analyzer (RAA) is affected by a vulnerability in WAS liberty.

IBM Security Bulletin: Rational Asset Analyzer (RAA) is affected by a vulnerability in WAS liberty.

By
Saturday, December 15, 2018
Read
Add Comment

Dec 15, 2018 9:01 am EST

Categorized: Medium Severity

Share this post:

Rational Asset Analyzer (RAA) has addressed the following vulnerability: Apache Tomcat (used by WAS liberty) could allow a remote attacker to bypass security restrictions, caused by the use of expression language. An attacker could exploit this vulnerability to bypass the protections of a Security Manager.

CVE(s): CVE-2014-7810

Affected product(s) and affected version(s):

Product

Affected Versions

Rational Asset Analyzer6.1.0.0 – 6.1.0.18

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10743113
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103155



from IBM Product Security Incident Response Team https://ift.tt/2CfiqHl
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us