IBM4D905DE42909297028EB779A288554A3D5117EF624E43929294CC3AA90DC2D8ESecurity Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2020-11985)
Summary
IBM HTTP Server (IHS) is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Rational ClearCase | 8.0.0 |
| IBM Rational ClearCase | 9.0 |
| IBM Rational ClearCase | 9.0.1 |
| IBM Rational ClearCase | 9.0.2 |
| IBM Rational ClearCase | 8.0.1 |
Remediation/Fixes
Refer to the following security bulletin(s) for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS) which is shipped with IBM Rational ClearCase.
| Principal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin |
|---|---|---|
| IBM Rational ClearCase, versions 8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1.x, 9.0.2.x | IBM HTTP Server version 9.0, 8.5, 8.0, and 7.0 | Security Bulletin: Vulnerability in the IBM HTTP Server used by WebSphere Application Server is fixed in 9.0.0.3 |
ClearCase Versions
|
Applying the fix
—|—
8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1.x, 9.0.2.x| Apply the appropriate IBM HTTP Server fix (see bulletin link above) directly to your CCRC WAN server host. No ClearCase-specific steps are necessary.
For 8.0.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product.
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| rational clearcase | eq | any |
Related
