Security Bulletin
Summary
There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), Global Configuration Management (GCM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Requirements Quality Assistant On-Premises (RQA On-Prem), IBM Engineering Lifecycle Optimization - Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody - Design Manager (RDM), IBM Engineering Systems Design Rhapsody - Model Manager (RMM).
Vulnerability Details
CVEID: CVE-2020-4857
DESCRIPTION: IBM Engineering Requirements Management DOORS Next is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 6.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/190460 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)
CVEID: CVE-2020-4866
DESCRIPTION: IBM Engineering Workflow Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/190742 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
CVEID: CVE-2021-20350
DESCRIPTION: IBM Engineering Requirements Quality Assistant is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/194707 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
CVEID: CVE-2009-4269
DESCRIPTION: Apache Derby could allow a remote attacker to obtain sensitive information, caused by the reduction of the size of the set of inputs to SHA-1 by the password hash generation algorithm managed by the BUILTIN authentication functionality. By generating hash collisions, a remote attacker could exploit this vulnerability to crack passwords and obtain sensitive information.
CVSS Base score: 2.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/61202 for the current score.
CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CVEID: CVE-2015-1832
DESCRIPTION: Apache Derby could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML datatype and XmlVTI. An attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service.
CVSS Base score: 6.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/115625 for the current score.
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:P)
CVEID: CVE-2018-1313
DESCRIPTION: Apache Derby could allow a remote attacker to bypass security restrictions, caused by improper validation of network packets received. By sending a specially-crafted network packet, an attacker could exploit this vulnerability to boot a database whose location and contents are under the user's control.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/142898 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID: CVE-2021-20340
DESCRIPTION: IBM Engineering Test Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/194451 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
CVEID: CVE-2020-4975
DESCRIPTION: IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/192435 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
CVEID: CVE-2020-4863
DESCRIPTION: IBM Engineering Test Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 6.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/190566 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)
CVEID: CVE-2020-26217
DESCRIPTION: XStream could allow a remote attacker to execute arbitrary code on the system, caused by flaws in the XStream.java and SecurityVulnerabilityTest.java scripts. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/192210 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2021-2069
DESCRIPTION: An unspecified vulnerability in Oracle Outside In Technology related to the Outside In Filters component could allow an unauthenticated attacker to cause low confidentiality impact, high integrity impact, and low availability impact.
CVSS Base score: 8.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/195168 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L)
CVEID: CVE-2021-2066
DESCRIPTION: An unspecified vulnerability in Oracle Outside In Technology related to the Outside In Filters component could allow an unauthenticated attacker to cause low confidentiality impact, high integrity impact, and low availability impact.
CVSS Base score: 8.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/195165 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L)
CVEID: CVE-2021-2068
DESCRIPTION: An unspecified vulnerability in Oracle Outside In Technology related to the Outside In Filters component could allow an unauthenticated attacker to cause low confidentiality impact, high integrity impact, and low availability impact.
CVSS Base score: 8.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/195167 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L)
CVEID: CVE-2021-2067
DESCRIPTION: An unspecified vulnerability in Oracle Outside In Technology related to the Outside In Filters component could allow an unauthenticated attacker to cause low confidentiality impact, high integrity impact, and low availability impact.
CVSS Base score: 8.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/195166 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L)
CVEID: CVE-2020-4856
DESCRIPTION: IBM Engineering Requirements Management DOORS Next is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 6.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/190459 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)
CVEID: CVE-2021-20351
DESCRIPTION: IBM Engineering Requirements Quality Assistant is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/194708 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
| RDNG | 6.0.2 |
| DOORS Next | 7.0 |
| DOORS Next | 7.0.1 |
| DOORS Next | 7.0.2 |
| RDNG | 6.0.6.1 |
| RDNG | 6.0.6 |
| PUB | 7.0.1 |
| PUB | 7.0.2 |
| PUB | 7.0 |
| EWM | 7.0.2 |
| EWM | 7.0.1 |
| RTC | 6.0.2 |
| RTC | 6.0.6.1 |
| EWM | 7.0 |
| RTC | 6.0.6 |
| Global Configuration Management | All |
| ETM | 7.0.2 |
| RQM | 6.0.6.1 |
| ETM | 7.0.1 |
| RQM | 6.0.6 |
| ETM | 7.0.0 |
| RQM | 6.0.2 |
| IBM Engineering Requirements Quality Assistant On-Premises | All |
Remediation/Fixes
For the 6.0 - 7.0.2 releases:
Upgrade to version 7.0.2 iFix001 or later
- IBM Engineering Lifecycle Management 7.0.2 iFix001
- IBM Engineering Requirements Management DOORS Next 7.0.2 iFix001
- IBM Engineering Test Management 7.0.2 iFix001
- IBM Engineering Workflow Management 7.0.2 iFix001
- IBM Engineering Lifecycle Optimization - Engineering Insights: Upgrade to version 7.0.1 and install server from ELM 7.0.2 iFix001
- IBM Engineering Systems Design Rhapsody - Design Manager: Upgrade to version 7.0.1 and install server from ELM 7.0.2 iFix001
- IBM Engineering Systems Design Rhapsody - Model Manager: Upgrade to version 7.0.1 and install server from ELM 7.0.2 iFix001
Upgrade to version 7.0.1 iFix006 or later
- IBM Engineering Lifecycle Management 7.0.1 iFix006
- IBM Engineering Requirements Management DOORS Next 7.0.1 iFix006
- IBM Engineering Test Management 7.0.1 iFix006
- IBM Engineering Workflow Management 7.0.1 iFix006
- IBM Engineering Lifecycle Optimization - Engineering Insights: Upgrade to version 7.0.1 and install server from ELM 7.0.1 iFix006
- IBM Engineering Systems Design Rhapsody - Design Manager: Upgrade to version 7.0.1 and install server from ELM 7.0.1 iFix006
- IBM Engineering Systems Design Rhapsody - Model Manager: Upgrade to version 7.0.1 and install server from ELM 7.0.1 iFix006
Upgrade to version 7.0 iFix008 or later
- IBM Engineering Lifecycle Management 7.0 iFix008
- IBM Engineering Requirements Management DOORS Next 7.0 iFix008
- IBM Engineering Test Management 7.0 iFix008
- IBM Engineering Workflow Management 7.0 iFix008
- IBM Engineering Lifecycle Optimization - Engineering Insights: Upgrade to version 7.0 and install server from ELM 7.0 iFix008
- IBM Engineering Systems Design Rhapsody - Design Manager: Upgrade to version 7.0 and install server from ELM 7.0 iFix008
- IBM Engineering Systems Design Rhapsody - Model Manager: Upgrade to version 7.0 and install server from ELM 7.0 iFix008
Upgrade to version 6.0.6.1 iFix015 or later
- Rational Collaborative Lifecycle Management 6.0.6.1 iFix015
- Rational DOORS Next Generation 6.0.6.1 iFix015
- Rational Quality Manager 6.0.6.1 iFix015
- Rational Team Concert 6.0.6.1 iFix015
- Rational Engineering Lifecycle Manager: Upgrade to version 6.0.6.1 and install server from CLM 6.0.6.1 iFix015
- Rational Rhapsody Design Manager: Upgrade to version 6.0.6.1 and install server from CLM 6.0.6.1 iFix015
- IBM Rhapsody Model Manager: Upgrade to version 6.0.6.1 and install server from CLM 6.0.6.1 iFix015
- Rational Software Architect Design Manager: Upgrade to version 6.0.6.1 and install server from CLM 6.0.6.1 iFix015
Upgrade to version 6.0.6 iFix019 or later
- Rational Collaborative Lifecycle Management 6.0.6 iFix019
- Rational DOORS Next Generation 6.0.6 iFix019
- Rational Quality Manager 6.0.6 iFix019
- Rational Team Concert 6.0.6 iFix019
- Rational Engineering Lifecycle Manager: Upgrade to version 6.0.6 and install server from CLM 6.0.6 iFix019
- Rational Rhapsody Design Manager: Upgrade to version 6.0.6 and install server from CLM 6.0.6 iFix019
- IBM Rhapsody Model Manager: Upgrade to version 6.0.6 and install server from CLM 6.0.6 iFix019
- Rational Software Architect Design Manager: Upgrade to version 6.0.6 and install server from CLM 6.0.6 iFix019
Upgrade to version 6.0.2 iFix027 or later
- Rational Collaborative Lifecycle Management 6.0.2 iFix027
- Rational Team Concert 6.0.2 iFix027
- Rational Quality Manager 6.0.2 iFix027
- Rational DOORS Next Generation 6.0.2 iFix027
- Rational Software Architect Design Manager: Upgrade to version 6.0.2 and install server from CLM 6.0.2 iFix027
- Rational Rhapsody Design Manager: Upgrade to version 6.0.2 and install server from CLM 6.0.2 iFix027
- Rational Engineering Lifecycle Manager: Upgrade to version 6.0.2 and install server from CLM 6.0.2 iFix027
For IBM Engineering Requirements Quality Assistant On-Premises:
- Please follow the RQA Upgrade instructions.
For any prior versions of the products listed above, IBM recommends upgrading to a fixed, supported version/release/platform of the product.
If the iFix is not found in the Fix Portal please contact IBM Support.
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
Change History
26 Feb 2021: Initial Publication
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Document Location
Worldwide
Was this topic helpful?
Document Information
Modified date:
26 February 2021
UID
ibm16417585