IBM Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect IBM Rational ClearCase (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549)
There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 6, 7, and 8, which are used by IBM Rational ClearCase. These issues were disclosed as part of the IBM Java SDK updates in January 2017.
CVE(s): CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2016-5547, CVE-2016-2183
Affected product(s) and affected version(s):
IBM Rational ClearCase, versions 7.1, 7.1.1, 7.1.2, 8.0, 8.0.1 and 9.0 in the following components:
- CCRC WAN server/CM Server component, when configured to use SSL
- ClearCase remote client: CCRC/CTE GUI, rcleartool, and CMAPI clients, when using SSL to access a CCRC WAN Server/CM Server
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2fkuJqb
X-Force Database: http://ift.tt/2lA4akm
X-Force Database: http://ift.tt/2lAx183
X-Force Database: http://ift.tt/2msD77U
X-Force Database: http://ift.tt/2msBF5I
X-Force Database: http://ift.tt/2dR3VyC
The post IBM Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect IBM Rational ClearCase (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549) appeared first on IBM PSIRT Blog.
| ClearCase version | Status |
| 9.0.1, 9.0.1.1 | Not Affected |
| 9.0 through 9.0.0.4 | Affected |
| 8.0.1 through 8.0.1.14 | Affected |
| 8.0 through 8.0.0.21 | Affected |
| 7.1.2 through 7.1.2.19 (all fix packs) | Affected |
from IBM Product Security Incident Response Team http://ift.tt/2xn3Uvn