|Number of vulnerabilities||1|
|Exploitation vector||Local network|
Engineering Test Management
Other software / Other software solutions
Universal components / Libraries / Software for developers
Engineering Workflow Management
Server applications / Other server solutions
This security bulletin contains one low risk vulnerability.
The vulnerability allows a remote user to perform MitM attack.
The vulnerability exists due to improper certificate validation issued by a trusted CA when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server. A remote user can perform a man-in-the-middle (MitM) attack and gain access to sensitive information.
Install update from vendor's website.Vulnerable software versions
Engineering Test Management : 7.0.1 - 7.0.2
Jazz Foundation: 7.0 - 7.0.2
Engineering Workflow Management: 7.0.1 - 7.0.2Fixed software versions
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?