Summary There is a vulnerability in the Netty library used by IBM WebSphere Application Server Liberty with the grpc-1.0 or grpcClient-1.0 feature enabled. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz Foundation, IBM Engineering Requirements Management DOORS Next, Global Configuration Management,IBM Engineering Test Management, IBM Engineering Workflow Management Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s)| Version(s) —|— Jazz Foundation| 7.1 Global Configuration Management IBM Engineering Requirements Management DOORS Next IBM Engineering Test Management IBM Engineering Workflow Management Jazz Foundation| 7.0.2 Global Configuration Management IBM Engineering Requirements Management DOORS Next IBM Engineering Test Management IBM Engineering Workflow Management Jazz Foundation| 7.0.3 Global Configuration Management IBM Engineering Requirements Management DOORS Next IBM Engineering Test Management IBM Engineering Workflow Management Remediation/Fixes This affects IBM WebSphere Application Server Liberty 21.0.0.2 – 25.0.0.3 with the specified features on Windows. If the Product is deployed on one of the above versions, Please follow the instruction given in the following article. Link – https://www.ibm.com/support/pages/node/7228999 Workarounds and Mitigations…Read More