This notice is to inform IBM Rational ClearCase and IBM Rational ClearQuest customers who have servers with Web components installed about a potential security exposure which can occur after upgrading IBM WebSphere Application Server (WAS) to certain versions. Although ClearCase and ClearQuest do not ship the affected WAS versions, you may be impacted if you upgraded WAS separately from ClearCase or ClearQuest.
Rational ClearQuest and Rational ClearCase ship bundled with IBM WebSphere Application Server (WAS).
These products are deployed on WebSphere Application Server version 6.1.x, 7.0.x, or 8.0.x and the versions of WAS that are shipped do not have the vulnerability. However, customers who upgraded WAS independently of the ClearCase or ClearQuest installation should read the instructions in the document linked below to determine if you are affected by the potential security exposure.
ClearCase and ClearQuest 8.x releases have separated the WAS installation from the ClearCase and ClearQuest installation. You should determine the exact version of WAS that you have deployed and read the above document link to see if you are impacted.
- ClearCase and ClearQuest 7.1.x releases are shipped with and install and configure WAS version 184.108.40.206 which does not have the issue. Refer to Technote 1390803 How to update the IBM WebSphere Application Server components in Rational ClearCase and Rational ClearQuest 7.1 if you have separately upgraded to an affected version.
|Software Development||Rational ClearCase||CCRC WAN Server||AIX, HP-UX, IRIX, Linux, Mac OS X, Solaris, Windows||7.1, 8.0|