Share this post:
There are multiple vulnerabilities in IBM® SDK Java Technology Edition from April 2020 CPU and the CVE-2019-2949 (deferred from Oracle Oct 2019 CPU) that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Lifecycle Optimization – Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody – Design Manager (RDM), IBM Engineering Systems Design Rhapsody – Model Manager (RMM). These issues were disclosed as part of the IBM Java SDK updates in April 2020.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| Rhapsody DM | 6.0.6 |
| Rhapsody DM | 6.0.6.1 |
| Rhapsody DM | 6.0.2 |
| RDM | 7.0 |
| RPE | 2.1.0 |
| RPE | 2.1.2 |
| RPE | 6.0.6 |
| RPE | 6.0.6.1 |
| PUB | 7.0 |
| RPE | 2.1.1 |
| CLM | 6.0.6.1 |
| CLM | 6.0.6 |
| CLM | 6.0.2 |
| ELM | 7.0 |
| RELM | 6.0.6.1 |
| RELM | 6.0.6 |
| RELM | 6.0.2 |
| ENI | 7.0 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6243888
from IBM Product Security Incident Response Team https://ift.tt/3inqDfP
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.