IBM5AB3127111394D71EE5C6007F6356EA6EA8770DB363A0FA3A3F62BFBE9D67C61Security Bulletin: A security vulnerability has been identified in IBM HTTP Server used by IBM Rational ClearQuest (CVE-2020-11985)
Summary
IBM HTTP Server (IHS) is used by the IBM Rational ClearQuest server and web components. Information about security vulnerabilities affecting IHS have been published in a security bulletin.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Rational ClearQuest | 9.0.2 |
| IBM Rational ClearQuest | 9.0 |
| IBM Rational ClearQuest | 9.0.1 |
Remediation/Fixes
Refer to the following security bulletin(s) for vulnerability details and information about fixes addressed by IBM HTTP Server (IHS), which is used by IBM Rational ClearQuest.
| Principal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin |
|---|---|---|
| IBM Rational ClearQuest, versions 9.0.0.x, 9.0.1.x, 9.0.2.x | IBM HTTP Server versions 9.0. | Security Bulletin: Vulnerability in the IBM HTTP Server used by WebSphere Application Server is fixed in 9.0.0.3 |
ClearQuest Versions
|
Applying the fix
—|—
9.0.0.x, 9.0.1.x, 9.0.2.x | Apply the appropriate IBM HTTP Server fix (see bulletin link above) directly to your CM server host. No ClearQuest-specific steps are necessary.
For 8.0.x, 7.0.x, 7.1.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product.
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm rational clearquest | eq | 9.0.2 | |
| ibm rational clearquest | eq | 9.0 | |
| ibm rational clearquest | eq | 9.0.1 |
Related
