IBM Security Bulletin: An undisclosed vulnerability affects IBM Rational products based on IBM Jazz technology

Potential XML External Entity Processing vulnerability affects the following IBM Rational Products: Rational Rhapsody Design Manager (Rhapsody DM), Rational Software Architect Design Manager (RSA DM)

CVE(s): CVE-2018-1456

Affected product(s) and affected version(s):

Rational Rhapsody Design Manager 5.0 – 5.0.2
Rational Rhapsody Design Manager 5.0 – 6.0.5

Rational Software Architect Design Manager 5.0 – 5.0.2
Rational Software Architect Design Manager 5.0 – 6.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22016795
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140091

The post IBM Security Bulletin: An undisclosed vulnerability affects IBM Rational products based on IBM Jazz technology appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2swWx18