Sep 24, 2020 8:00 pm EDT
Categorized: Low Severity
Share this post:
There are multiple vulnerabilities in IBM® SDK Java Technology Edition from July 2020 CPU, the CVE-2020-2590 (deferred from Oracle Jan 2020 CPU) and CVE-2020-2601 (deferred from Oracle Jan 2020 CPU) that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Lifecycle Optimization – Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody – Design Manager (RDM), IBM Engineering Systems Design Rhapsody – Model Manager (RMM). These issues were disclosed as part of the IBM Java SDK updates in July 2020.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Engineering Workflow Management | EWM 7.0.1 |
| RTC | 6.0.2 |
| RTC | 6.0.6.1 |
| EWM | 7.0 |
| RTC | 6.0.6 |
| Rhapsody DM | 6.0.6 |
| IBM Engineering Systems Design Rhapsody – Design Manager | RDM 7.0.1 |
| Rhapsody DM | 6.0.6.1 |
| Rhapsody DM | 6.0.2 |
| RDM | 7.0 |
| RDNG | 6.0.2 |
| DOORS Next | 7.0 |
| IBM Engineering Requirements Management DOORS Next | DOORS Next 7.0.1 |
| RDNG | 6.0.6.1 |
| RDNG | 6.0.6 |
| CLM | 6.0.6.1 |
| CLM | 6.0.6 |
| ELM | 7.0 |
| CLM | 6.0.2 |
| ELM | 7.0.1 |
| RQM | 6.0.6.1 |
| IBM Engineering Test Management | ETM 7.0.1 |
| RQM | 6.0.6 |
| ETM | 7.0.0 |
| RQM | 6.0.2 |
| RELM | 6.0.6.1 |
| IBM Engineering Lifecycle Optimization – Engineering Insights | ENI 7.0.1 |
| RELM | 6.0.6 |
| ENI | 7.0 |
| RELM | 6.0.2 |
| IBM Engineering Systems Design Rhapsody | All |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6336901
from IBM Product Security Incident Response Team https://ift.tt/3mRu8gM
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.