Summary There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz Foundation, IBM Engineering Lifecycle Optimization – Engineering Insights, IBM Engineering Lifecycle Optimization – Publishing, IBM Engineering Requirements Management DOORS Next, Global Configuration Management, IBM Engineering Workflow Management, IBM Jazz Reporting Service, IBM Engineering Test Management Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s)| Version(s) —|— Global Configuration Management| 7.0.2 7.0.3 IBM Engineering Workflow Management IBM Engineering Requirements Management DOORS Next Jazz Foundation IBM Engineering Test Management Remediation/Fixes This vulnerability affects multiple IBM® Engineering Lifecycle Engineering products mentioned above, which uses IBM WebSphere Application Server Liberty If the Product is deployed on one of the above versions, Please follow the instruction given in the following article Link – https://www.ibm.com/support/pages/node/7174997 Workarounds and Mitigations…Read More