IBM Support

Security Bulletin: Notice of IBM WebSphere Application Server security vulnerability fixes for Rational ClearCase and ClearQuest (CVE-2012-2170)

Security Bulletin


Summary

IBM Rational ClearCase and ClearQuest use IBM WebSphere Application Server (WAS) which has security corrections.

Vulnerability Details

Subscribe to My Notifications to be notified of important product support alerts like this.
  • Follow this link for more information (requires login with your IBM ID)

CVE ID: CVE-2012-2170

Description: Review the following IBM WebSphere Application Server bulletin for complete details:

1606096: Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.4

  • ClearCase and ClearQuest 8.x releases have separated the WAS installation from the ClearCase and ClearQuest installation. You should determine the exact version of WAS that you have deployed and read the above document link to see if you are impacted.

Affected Products and Versions

All ClearCase and ClearQuest 7.1.x web servers running on the as shipped WAS v6.1.0.25.

Any ClearQuest v8.0.x web server running on a WAS version that does not have the remediation applied.

Workarounds and Mitigations

Workaround:

Use desktop applications

Mitigation:

None

Get Notified about Future Security Bulletins

References

Off

Acknowledgement

None

Change History

* 25 September 2012 - Original copy published

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

[{"Product":{"code":"SSSH5A","label":"Rational ClearQuest"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"General Information","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"7.1;7.1.0.1;7.1.0.2;7.1.1;7.1.1.1;7.1.1.2;7.1.1.3;7.1.1.4;7.1.1.5;7.1.1.6;7.1.1.7;7.1.1.8;7.1.1.9;7.1.2;7.1.2.1;7.1.2.2;7.1.2.3;7.1.2.4;7.1.2.5;7.1.2.6;7.1.2.7;7.1.2.8;8.0;8.0.0.1;8.0.0.2;8.0.0.3;8.0.0.4","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}},{"Product":{"code":"SSSH27","label":"Rational ClearCase"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"CCRC WAN Server","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF015","label":"IRIX"},{"code":"PF016","label":"Linux"},{"code":"","label":"Mac OS X"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"7.1;7.1.0.1;7.1.0.2;7.1.1;7.1.1.1;7.1.1.2;7.1.1.3;7.1.1.4;7.1.1.5;7.1.1.6;7.1.1.7;7.1.1.8;7.1.1.9;7.1.2;7.1.2.1;7.1.2.2;7.1.2.3;7.1.2.4;7.1.2.5;7.1.2.6;7.1.2.7;7.1.2.8;8.0;8.0.0.1;8.0.0.2;8.0.0.3;8.0.0.4","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
16 June 2018

UID

swg21611795