ClearCase and ClearQuest customers with Web components installed should not upgrade WAS to certain versions due to Potential security exposure
This notice is to inform IBM Rational ClearCase and IBM Rational ClearQuest customers who have servers with Web components installed about a potential security exposure which can occur after upgrading IBM WebSphere Application Server (WAS) to certain versions. Although ClearCase and ClearQuest do not ship the affected WAS versions, you may be impacted if you upgraded WAS separately from ClearCase or ClearQuest.
Rational ClearQuest and Rational ClearCase ship bundled with IBM WebSphere Application Server (WAS).
These products are deployed on WebSphere Application Server version 6.1.x, 7.0.x, or 8.0.x and the versions of WAS that are shipped do not have the vulnerability. However, customers who upgraded WAS independently of the ClearCase or ClearQuest installation should read the instructions in the document linked below to determine if you are affected by the potential security exposure.
ClearCase and ClearQuest 8.x releases have separated the WAS installation from the ClearCase and ClearQuest installation. You should determine the exact version of WAS that you have deployed and read the above document link to see if you are impacted.
- ClearCase and ClearQuest 7.1.x releases are shipped with and install and configure WAS version 220.127.116.11 which does not have the issue. Refer to Technote 1390803 How to update the IBM WebSphere Application Server components in Rational ClearCase and Rational ClearQuest 7.1 if you have separately upgraded to an affected version.
|Software Development||Rational ClearCase||CCRC WAN Server||AIX, HP-UX, IRIX, Linux, Mac OS X, Solaris, Windows||7.1, 8.0|
More support for:
Software version: 7.1, 8.0
Operating system(s): AIX, HP-UX, Linux, Solaris, Windows
Reference #: 1609501
Modified date: 17 September 2012