High Severity

Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.

Share this post:

There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Lifecycle Optimization – Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody – Design Manager (RDM), IBM Engineering Systems Design Rhapsody – Model Manager (RMM).

CVE(s): CVE-2020-4977, CVE-2021-20348, CVE-2020-13956, CVE-2020-4732, CVE-2021-20346, CVE-2020-4495, CVE-2021-29668, CVE-2021-20343, CVE-2021-20345, CVE-2021-20338, CVE-2021-20347, CVE-2020-5030, CVE-2021-29670, CVE-2021-20371

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
DOORS Next 7.0.2
DOORS Next 7.0
DOORS Next 7.0.1
RDNG 6.0.6
PUB 7.0.1
PUB 7.0.2
PUB 7.0
ETM 7.0.1
RQM 6.0.6
ETM 7.0.0
CLM 6.0.6
ELM 7.0.2
ELM 7.0
ELM 7.0.1
RMM 6.0.6
RMM 7.0
ENI 7.0.1
RELM 6.0.6
ENI 7.0
ENI 7.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6457739
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192470
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194597
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/189572
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/188126
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194595
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/182114
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/199406
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194593
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194594
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194449
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194596
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/193737
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/199408
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/195516

More stories

Security Bulletin: IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2022-0778

May 20, 2022 | High Severity

An issue was identifed in OpenSSL when MQ is using it to parse certificates. ...read more

Security Bulletin: OpenSSL publicly disclosed vulnerability affects IBM MobileFirst Platform Foundation

May 17, 2022 | High Severity

IBM MobileFirst Platform Foundation has addressed the following vulnerability by updating the version of OpenSSL ...read more

Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Netezza Performance Portal

May 17, 2022 | High Severity

IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVEs. ...read more