Low Severity

IBM Security Bulletin: Vulnerability in OpenSSL affects IBM Rational ClearCase (CVE-2018-0732)

Share this post:

An OpenSSL vulnerability was disclosed on June 12 2018 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVE.

CVE(s): CVE-2018-0732

Affected product(s) and affected version(s):

IBM Rational ClearCase versions:

Version Status
9.0.1 through 9.0.1.4 Affected
9.0 through 9.0.0.6 Affected
8.0.1 through 8.0.1.18 Affected
8.0 through 8.0.0.21 Affected

Not all deployments of Rational ClearCase use OpenSSL in a way that is affected by these vulnerabilities.

You are vulnerable if your use of Rational ClearCase includes any of these configurations:

  1. You use the base ClearCase/ClearQuest integration client on any platform, configured to use SSL to communicate with a ClearQuest server.
  2. You use the UCM/ClearQuest integration on UNIX/Linux clients, configured to use SSL to communicate with a ClearQuest server.
    Note: Windows clients using the UCM/ClearQuest integration are not vulnerable.
  3. On UNIX/Linux clients, you use the Change Management Integration (CMI), when configured to use SSL to communicate with the server.
    Note: Windows clients using the CMI integration are not vulnerable.
  4. You use ratlperl, ccperl, or cqperl to run your own perl scripts, and those scripts use SSL connections.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10738401
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144658

More stories

IBM Security Bulletin: IBM MQ Appliance affected by an OpenSSH vulnerability (CVE-2019-6110)

Aug 19, 2019 12:09 pm EDT | Low Severity

IBM MQ Appliance has addressed the following OpenSSH vulnerability. CVE(s): CVE-2019-6110 Affected product(s) and affected version(s): IBM MQ Appliance 8 Maintenance levels between 8.0.0.0 and 8.0.0.11 IBM MQ Appliance 9.1 Long Term Support (LTS) Release Maintenance levels between 9.1.0.0 and 9.1.0.2 IBM MQ Appliance 9.1.x Continuous Delivery (CD) Release Continuous delivery updates 9.1.1 and 9.1.2 ...read more


IBM Security Bulletin: Financial Transaction Manager for Digital Payments: Information Leakage in configuration listing (CVE-2018-1670)

Jul 29, 2019 9:01 am EDT | Low Severity

IBM Financial Transaction Manager for Digital Payments (FTM DP) for Multi-Platform could allow an authenticated user to obtain sensitive product configuration information from log files. CVE(s): CVE-2018-1670 Affected product(s) and affected version(s): FTM DP v3.2.0.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10731497X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144946 ...read more


IBM Security Bulletin: IBM RackSwitch firmware products are affected by vulnerability in OpenSSL (CVE-2018-0734)

Jul 17, 2019 9:01 am EDT | Low Severity

IBM RackSwitch firmware products listed below have addressed the following vulnerability in OpenSSL. CVE(s): CVE-2018-0734 Affected product(s) and affected version(s): Product Affected Version IBM RackSwitch G8000 7.1 IBM RackSwitch G8052 7.9 IBM RackSwitch G8052 7.11 IBM RackSwitch G8124/G8124E 7.11 IBM RackSwitch G8264 7.11 IBM RackSwitch G8264CS 7.8 IBM RackSwitch G8264T 7.9 IBM RackSwitch G8316 7.9 ...read more