Medium Severity

IBM Security Bulletin: Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology

Share this post:

Multiple security vulnerabilities affect components used by the following products that may affect those products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM) and Rational Software Architect Design Manager (RSA DM).

CVE(s): CVE-2019-4252, CVE-2019-4249, CVE-2018-1758, CVE-2018-1760, CVE-2018-1826, CVE-2018-1827, CVE-2018-1828, CVE-2018-1893, CVE-2018-1892, CVE-2019-4250, CVE-2018-1734, CVE-2019-4083, CVE-2019-4084

Affected product(s) and affected version(s):

Rational Collaborative Lifecycle Management 6.0 – 6.0.6.1
Rational Quality Manager 6.0 – 6.0.6.1
Rational Team Concert 6.0 – 6.0.6.1
Rational DOORS Next Generation 6.0 – 6.0.6.1
Rational Engineering Lifecycle Manager 6.0 – 6.0.6.1
Rational Rhapsody Design Manager 6.0 – 6.0.6.1
Rational Software Architect Design Manager 6.0 – 6.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10956525
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159883
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159647
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148605
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148614
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/150429
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/150430
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/150431
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152157
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152156
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159648
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147838
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157383
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157384

More stories

IBM Security Bulletin: Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager IP Edition (CVE-2018-1890, CVE-2019-2426)

Jul 18, 2019 9:01 am EDT | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.1.1 and v4.2, which were disclosed in the Oracle January 2019 Critical Patch Update. CVE(s): CVE-2018-1890, CVE-2019-2426 Affected product(s) and affected version(s): IBM Tivoli Network Manager IP Edition v4.1.1, v4.2 Refer to the ...read more


IBM Security Bulletin: A vulnerability in IBM WebSphere Application Server affects IBM Spectrum Scale packaged in IBM Elastic Storage Server (CVE-2019-4046)

Jul 18, 2019 9:01 am EDT | Medium Severity

There is a vulnerability in IBM WebSphere Application Server, used by IBM Spectrum Scale. This issue allows a remote attacker to cause a denial of service condition. CVE(s): CVE-2019-4046 Affected product(s) and affected version(s):The Elastic Storage Server 5.3.0 thru 5.3.3 The Elastic Storage Server 5.0.0 thru 5.2.6 The Elastic Storage Server 4.5.0 thru 4.6.0 The ...read more


IBM Security Bulletin: An IBM QRadar SIEM protocol is vulnerable to Incorrect Permission Assignment (CVE-2018-2024)

Jul 18, 2019 9:01 am EDT | Medium Severity

The Log file protocol could allow permissions to a resource to be read or modified by unintended actors. CVE(s): CVE-2018-2024 Affected product(s) and affected version(s):7.2.0-QRADAR-PROTOCOL-LogFileProtocol-7.2-20180625094737 and prior 7.3.0-QRADAR-PROTOCOL-LogFileProtocol-7.3-20180625134822 and prior Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10958889X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155350 ...read more