Jun 25, 2020 8:00 pm EDT
Categorized: Medium Severity
Share this post:
OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVE.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Rational ClearCase | 8.0.0 |
| IBM Rational ClearCase | 9.0 |
| IBM Rational ClearCase | 9.0.1 |
| IBM Rational ClearCase | 9.0.2 |
| IBM Rational ClearCase | 8.0.1 |
Not all deployments of Rational ClearCase use OpenSSL in a way that is affected by these vulnerabilities.
You are vulnerable if your use of Rational ClearCase includes any of these configurations:
- You use the base ClearCase/ClearQuest integration client on any platform, configured to use SSL to communicate with a ClearQuest server.
- You use the UCM/ClearQuest integration on UNIX/Linux clients, configured to use SSL to communicate with a ClearQuest server.
Note: Windows clients using the UCM/ClearQuest integration are not vulnerable. - On UNIX/Linux clients, you use the Change Management Integration (CMI), when configured to use SSL to communicate with the server.
Note: Windows clients using the CMI integration are not vulnerable. - You use ratlperl, ccperl, or cqperl to run your own perl scripts, and those scripts use SSL connections.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6228808
from IBM Product Security Incident Response Team https://ift.tt/2NyCAkk
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.