IBM Jazz Foundation Missing Authorization Vulnerability Allowing Unauthorized Actions and Denial-of-Service

Vulnerability

A vulnerability in IBM Jazz Foundation versions 7.0.2 (through iFix035), 7.0.3 (through iFix018), and 7.1.0 (through iFix004) could enable an unauthenticated remote attacker to modify server property files. This unauthorized modification could lead to the execution of unauthorized actions, ultimately causing a denial-of-service condition.

Impact

Exploitation of this vulnerability could result in unauthorized actions being performed on the server, followed by a denial-of-service condition.

Remediation

Users are advised to upgrade to version 7.0.2 iFix035, 7.0.3 iFix018, or 7.1.0 iFix004. After upgrading, set the Advanced property 'setup.isRegistrationHandlerServiceOpen' to 'False' on the Advanced property page, found under Jazz Team Server (JTS) > Server Administration.

Added: Aug 24, 2025, 2:17 AM
Updated: Aug 24, 2025, 2:17 AM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 7.5
exploitability: 7.0
remediation: 8.3
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.