Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2015-4872, CVE-2015-4893, CVE-2015-4803, CVE-2015-5006, CVE-2016-0483, CVE-2015-7575, CVE-2016-0448, CVE-2016-0466)

Summary

Jazz Team Server is shipped as a component of Jazz Reporting Service. Information about multiple security vulnerabilities affecting Jazz Team Server and Jazz-based products has been published in a security bulletin.

Vulnerability Details

Consult the security bulletin Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-7575, CVE-2016-0483, etc.) for vulnerability details and information about fixes.

If you have an integrated environment where an IBM Rational product based on IBM’s Jazz technology is configured with IBM Cognos Business Intelligence (e.g. using ALM Cognos Connector), also consult the Cognos Business Intelligence 10.2.x interim fixes address a security vulnerability.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product(s) and Version(s)
—|—
JRS 5.0, 5.0.1 and 5.0.2| Jazz Foundation 5.0, 5.0.1, 5.0.2
JRS 6.0, 6.0.1| Jazz Foundation 6.0, 6.0.1