Summary There is a vulnerability in the Google Protocol Buffers (protobuf) library used by IBM WebSphere Application Server Liberty with the grpc-1.0 or grpcClient-1.0 feature enabled. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz Foundation, IBM Engineering Requirements Management DOORS Next, Global Configuration Management, IBM Engineering Workflow Management, IBM Engineering Test Management Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s)| Version(s) —|— IBM Engineering Test Management| 7.0.2, 7.0.3 IBM Engineering Workflow Management Jazz Foundation IBM Engineering Requirements Management DOORS Next Global Configuration Management Remediation/Fixes Features affected: WebSphere Liberty with one or more of the following features enabled: grpc-1.0 or grpcClient-1.0. This affects IBM WebSphere Application Server Liberty 20.0.0.12 – 24.0.0.10 with the specified features enabled. If the Product is deployed on one of the above versions, Please follow the instruction given in the following article. Link – https://www.ibm.com/support/pages/node/7173097 Workarounds and Mitigations…Read More