IBM5D853798F90BCA49FC2BBAD5A6A851A0087ACF03AB8267F29F5376F44EBC7DD1Security Bulletin: Vulnerability which affects Rational Team Concert (RTC) and IBM Engineering Workflow Management (EWM)
EPSS
Percentile
19.6%
Summary
There is a vulnerability CVE-2020-4989 which affects Rational Team Concert (RTC) and IBM Engineering Workflow Management (EWM).
Vulnerability Details
CVEID:CVE-2020-4989
**DESCRIPTION:**IBM Engineering Workflow Management could allow an authenticated user to obtain sensitive information about build definitions.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/192707 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| RTC | 6.0.6 |
| RTC | 6.0.6.1 |
| EWM | 7.0 |
| EWM | 7.0.1 |
| EWM | 7.0.2 |
Remediation/Fixes
For the 6.0.6 - 7.0.2 releases:
Upgrade to version 7.0.2 iFix005 or later
IBM Engineering Lifecycle Management 7.0.2 iFix005
IBM Engineering Workflow Management 7.0.2 iFix005
Upgrade to version 7.0.1 iFix013 or later
IBM Engineering Lifecycle Management 7.0.1 iFix013
IBM Engineering Workflow Management 7.0.1 iFix013
Upgrade to version 7.0 iFix013 or later
IBM Engineering Lifecycle Management 7.0 iFix013
IBM Engineering Workflow Management 7.0 iFix013
Upgrade to version 6.0.6.1 iFix021 or later
Rational Collaborative Lifecycle Management 6.0.6.1 iFix021
Rational Team Concert 6.0.6.1 iFix021
Upgrade to version 6.0.6 iFix025 or later
Rational Collaborative Lifecycle Management 6.0.6 iFix025
Rational Team Concert 6.0.6 iFix025
Workarounds and Mitigations
None
Related
EPSS
Percentile
19.6%