IBM Security Bulletin: Multiple security vulnerabilities affect the Report Builder and Data Collection Component that are shipped with Jazz Reporting Service (CVE-2016-5898, CVE-2016-5899, CVE-2016-6054, CVE-2016-6047)

There are multiple security vulnerabilities in the Report Builder and Data Collection Component (DCC) shipped with Jazz Reporting Service.

CVE(s): CVE-2016-5898, CVE-2016-5899, CVE-2016-6054, CVE-2016-6047

Affected product(s) and affected version(s):

Jazz Reporting Service 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, and 6.0.2.

Note: CVE-2016-6047 only affects 6.0.2.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2heOPBQ
X-Force Database: http://ift.tt/2gkJSdi
X-Force Database: http://ift.tt/2heKkHv
X-Force Database: http://ift.tt/2gkzmCZ
X-Force Database: http://ift.tt/2hePRh0

from IBM Product Security Incident Response Team http://ift.tt/2gkKwaP