Low Severity

Security Bulletin: Security Vulnerabilities in IBM® Java SDK July 2020 CPU plus CVE-2020-2590 and CVE-2020-2601 affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Share this post:

There are multiple vulnerabilities in IBM® SDK Java Technology Edition from July 2020 CPU, the CVE-2020-2590 (deferred from Oracle Jan 2020 CPU) and CVE-2020-2601 (deferred from Oracle Jan 2020 CPU) that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Lifecycle Optimization – Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody – Design Manager (RDM), IBM Engineering Systems Design Rhapsody – Model Manager (RMM). These issues were disclosed as part of the IBM Java SDK updates in July 2020.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Engineering Workflow Management EWM 7.0.1
RTC 6.0.2
RTC 6.0.6.1
EWM 7.0
RTC 6.0.6
Rhapsody DM 6.0.6
IBM Engineering Systems Design Rhapsody – Design Manager RDM 7.0.1
Rhapsody DM 6.0.6.1
Rhapsody DM 6.0.2
RDM 7.0
RDNG 6.0.2
DOORS Next 7.0
IBM Engineering Requirements Management DOORS Next DOORS Next 7.0.1
RDNG 6.0.6.1
RDNG 6.0.6
CLM 6.0.6.1
CLM 6.0.6
ELM 7.0
CLM 6.0.2
ELM 7.0.1
RQM 6.0.6.1
IBM Engineering Test Management ETM 7.0.1
RQM 6.0.6
ETM 7.0.0
RQM 6.0.2
RELM 6.0.6.1
IBM Engineering Lifecycle Optimization – Engineering Insights ENI 7.0.1
RELM 6.0.6
ENI 7.0
RELM 6.0.2
IBM Engineering Systems Design Rhapsody All

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6336901

More stories

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester

Jun 21, 2021 8:01 pm EDT | Low Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVEs. ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester

Jun 21, 2021 8:01 pm EDT | Low Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable CVEs. ...read more


Security Bulletin: A Security Vulnerability in IBM Java Runtime affect IBM License Key Server Administration and Reporting Tool and its Agent

Jun 21, 2021 8:01 pm EDT | Low Severity

A security vulnerability has been found in the IBM® Runtime Environment Java™ used by IBM License Key Server Administration and Reporting Tool and its Agent. A fix has been published to mitigate the same. ...read more