IBM Support

Security Bulletin: ClassLoader manipulation with Apache Struts in WebSphere Application Server affecting Rational Developer for Power Systems Software, Rational Developer for AIX and Linux, Rational Developer for i, (CVE-2014-0114)

Created by Chris Recoskie on
Published URL:
https://www.ibm.com/support/pages/node/512151
512151

Security Bulletin


Summary

Portions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for Power Systems Software, Rational Developer for i, and Rational Developer for AIX and Linux. Information about a security vulnerability affecting Rational Application Developer has been published in a security bulletin.

Vulnerability Details

Subscribe to My Notifications to be notified of important product support alerts like this.
  • Follow this link for more information (requires login with your IBM ID)

Review security bulletin ClassLoader manipulation with Apache Struts in WebSphere Application Server affecting Rational Application Developer (CVE-2014-0114) for vulnerability details.

Affected Products and Versions

Affected Product and Version(s)

Product and Version shipped as a component
IBM Rational Developer for Power Tools for IBM i /AIX V8.5Rational Application Developer 8.5
IBM Rational Developer for i RPG and COBOL + Modernization Tools, Java Edition v9.0, 9.0.0.1, 9.0.1, 9.1Rational Application Developer 9.0, 9.0.1, and 9.1 respectively
IBM Rational Developer for i RPG and COBOL + Modernization Tools, Java Edition v9.0, 9.0.0.1, 9.0.1, 9.1Rational Application Developer 9.0, 9.0.1, and 9.1 respectively
IBM Rational Developer for i RPG and COBOL + Modernization Tools, EGL Edition v9.0, 9.0.0.1, 9.0.1, 9.1Rational Application Developer 9.0, 9.0.1, and 9.1 respectively
IBM Rational Developer for AIX and Linux v9.0, 9.0.0.1, 9.0.1, 9.1, AIX COBOL EditionRational Application Developer 9.0, 9.0.1, and 9.1 respectively
IBM Rational Developer for AIX and Linux v9.0, 9.0.0.1, 9.0.1, 9.1 C/C++ EditionRational Application Developer 9.0, 9.0.1, and 9.1 respectively

Remediation/Fixes

Review the Remediation/Fixes section in security bulletin ClassLoader manipulation with Apache Struts in WebSphere Application Server affecting Rational Application Developer (CVE-2014-0114) for instructions on obtaining the fix for this issue.

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

References

Off

Acknowledgement

None

Change History

* 3 June 2014: Original copy published

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

Internal Use Only

PSIRT Advisory 1747, record 37687 and 37688

[{"Product":{"code":"SSPSQF","label":"Rational Developer for AIX and Linux"},"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Component":"General Information","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"9.0;9.0.0.1;9.0.1;9.1","Edition":"AIX COBOL Edition;C\/C++ Edition","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Product":{"code":"SSAE4W","label":"Rational Developer for i"},"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Component":" ","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"9.0;9.0.0.1;9.0.1;9.1","Edition":"All Editions","Line of Business":{"code":"LOB57","label":"Power"}},{"Product":{"code":"SS4QVT","label":"Rational Developer for Power Systems Software"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":" ","Platform":[{"code":"PF033","label":"Windows"},{"code":"PF016","label":"Linux"}],"Version":"8.5;8.5.1","Edition":"All Editions","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]

Document Information

Modified date:
02 August 2018

UID

swg21674913