Share this post:

There are multiple vulnerabilities in IBM® SDK Java Technology Edition from October and January CPU and the CVE-2020-2654 (deferred from Oracle Jan 2020 CPU) that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Lifecycle Optimization – Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody – Design Manager (RDM), IBM Engineering Systems Design Rhapsody – Model Manager (RMM). These issues were disclosed as part of the IBM Java SDK updates in October 2019 and January 2020.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
RTC 6.0.2
RTC 6.0.6
EWM 7.0
RPE 2.1.0
RPE 2.1.2
RPE 6.0.6
RPE 2.1.1
PUB 7.0
IBM Engineering Systems Design Rhapsody All
IBM Engineering Lifecycle Optimization – Method Composer All
Rhapsody DM 6.0.6
Rhapsody DM
Rhapsody DM 6.0.2
RDM 7.0
RQM 6.0.6
ETM 7.0.0
RQM 6.0.2
CLM 6.0.6
CLM 6.0.2
ELM 7.0
RELM 6.0.6
RELM 6.0.2
ENI 7.0
RDNG 6.0.2
DNG 6.0.6
RDNG 6.0.6
DNG 6.0.2
DOORS Next 7.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin:

Source link

Write a comment:

Your email address will not be published.