IBM Security Bulletin: Multiple Vulnerabilities in OpenSSL affect Rational Insight
OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by Rational Insight. Rational Insight has addressed the applicable CVEs.
CVE(s): CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176
Affected product(s) and affected version(s):
| Principal Product and Version(s) | Affected Supporting Product(s) and Version(s) |
| Rational Insight 1.1, 1.1.1, 1.1.1.1 and 1.1.1.2 | Cognos BI 10.1.1 |
| Rational Insight 1.1.1.3 | Cognos BI 10.2.1 |
| Rational Insight 1.1.1.4, 1.1.1.5 and 1.1.1.6 | Cognos BI 10.2.1 Fix pack 2 Jazz Reporting Service 5.0, 5.0.1 and 5.0.2 |
| Rational Insight 1.1.1.7 | Cognos BI 10.2.1 Fix pack 2 Jazz Reporting Service 6.0 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/29ySbgH
X-Force Database: http://ift.tt/1VjTr9i
X-Force Database: http://ift.tt/1NwOQz5
X-Force Database: http://ift.tt/1NwOPLs
X-Force Database: http://ift.tt/25myFMu
X-Force Database: http://ift.tt/1Z0wO8Z
X-Force Database: http://ift.tt/25mym4p
from IBM Product Security Incident Response Team http://ift.tt/2a2hlmw