IBM Security Bulletin: Multiple security vulnerabilities affect the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2016-5897, CVE-2016-6039)

There are multiple security vulnerabilities in the Lifecycle Query Engine (LQE) shipped with Jazz Reporting Service.

CVE(s): CVE-2016-5897, CVE-2016-6039

Affected product(s) and affected version(s):

Jazz Reporting Service 6.0, 6.0.1, and 6.0.2.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2gkK8cy
X-Force Database: http://ift.tt/2heIMx6
X-Force Database: http://ift.tt/2gkLpQB

from IBM Product Security Incident Response Team http://ift.tt/2heIuGl