Monday, June 29, 2020

Security Bulletin: A vulnerability in the IBM Java Runtime affects IBM Rational ClearQuest (CVE-2020-2654)

Jun 29, 2020 8:00 pm EDT

Categorized: Low Severity

Share this post:

There is a vulnerability in the IBM® Runtime Environment Java™ Versions 7 and 8, which are used by IBM Rational ClearQuest. This issue was disclosed as part of the IBM Java SDK updates in January 2020 (deferred from Oracle Jan 2020 CPU).

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Rational ClearQuest 9.0.2
IBM Rational ClearQuest 9.0
IBM Rational ClearQuest 9.0.1

IBM Rational ClearQuest version 9 in the following components:

  • ClearQuest Web/CQ OSLC server/CM Server component, when configured to use SSL.
  • ClearQuest Eclipse clients that use Report Designer, run remote reports on servers using secure connections, or use the embedded browser to connect to secure web sites. If you do not use the ClearQuest Eclipse client in this way, then you are not affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6241406



from IBM Product Security Incident Response Team https://ift.tt/2VrYREP

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.