IBM Security Bulletin: A vulnerability in Apache Tomcat affects Rational Reporting for Development Intelligence (CVE-2015-5174)

The Rational Reporting for Development Intelligence (RRDI) is shipped with a version of the Apache Tomcat web server which contains a security vulnerability that could have a potential security impact.

CVE(s): CVE-2015-5174

Affected product(s) and affected version(s):

Principal Product and Version(s)Affected Supporting Product(s) and Version(s)
RRDI 2.0, 2.0.1, 2.0.3 and 2.0.4Cognos BI 10.1.1
RRDI 2.0.5 and 2.0.6Cognos BI 10.2.1
RRDI 5.0, 5.0.1 and 5.0.2Cognos BI 10.2.1 Fix pack 2
Jazz Reporting Service 5.0, 5.0.1 and 5.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2a2hDdg
X-Force Database: http://ift.tt/1rhWylT



from IBM Product Security Incident Response Team http://ift.tt/2a2hNRX