CVE-2015-1913

Name of the Vulnerable Software and Affected Versions IBM Rational Test Workbench and Rational Test Virtualization Server versions 8.0.0.x through 8.0.0.4 IBM Rational Test Workbench and Rational Test Virtualization Server versions 8.0.1.x through 8.0.1.5 IBM Rational Test Workbench and Rational Test Virtualization Server versions 8.5.0.x through 8.5.0.3 IBM Rational Test Workbench and Rational Test Virtualization Server versions 8.5.1.x through 8.5.1.4 IBM Rational Test Workbench and Rational Test Virtualization Server versions 8.6.0.x through 8.6.0.3 IBM Rational Test Workbench and Rational Test Virtualization Server versions 8.7.0.x through 8.7.0.1

Description The Rational Test Control Panel in IBM Rational Test Workbench and Rational Test Virtualization Server uses the MD5 algorithm for password hashing. This makes it easier for remote attackers to bypass authentication via unspecified vectors.

Recommendations For versions 8.0.0.x through 8.0.0.4, update to version 8.0.0.5 or later. For versions 8.0.1.x through 8.0.1.5, update to version 8.0.1.6 or later. For versions 8.5.0.x through 8.5.0.3, update to version 8.5.0.4 or later. For versions 8.5.1.x through 8.5.1.4, update to version 8.5.1.5 or later. For versions 8.6.0.x through 8.6.0.3, update to version 8.6.0.4 or later. For versions 8.7.0.x through 8.7.0.1, update to version 8.7.0.2 or later.