The IBM® Engineering Lifecycle Engineering products using Liberty are vulnerable to denial of service due to GraphQL Java, affected features are mpGraphQL-1.0 or mpGraphQL-2.0 .
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
Global Configuration Management (GCM) | All |
Rational DOORS Next Generation (RDNG) | 6.0.6 |
Collaborative Lifecycle Management (CLM) | |
Rational Team Concert (RTC) | |
Rational DOORS Next Generation (RDNG) | 6.0.6.1 |
Collaborative Lifecycle Management (CLM) | |
Rational Team Concert (RTC) | |
IBM Engineering Requirements Management DOORS Next(DNG) | 7, 7.0.1, 7.0.2 |
Engineering Lifecycle Management (ELM) | |
IBM Engineering Workflow Management (EWM) |
If your product is deployed on Liberty 17.0.0.3 - 22.0.0.11, please follow the instruction given in the following Liberty bulletin <https://www.ibm.com/support/pages/node/6832094>
None