CPE-663F81D1-8AC5-4418-9423-E93F29162859 Detail

CPE Details

IBM Engineering Lifecycle Optimization 7.0.2

Vendor

ibm

Product

engineering_lifecycle_optimization

Version

7.0.2

Created

2021-07-20
10h41 +00:00

Modified

2021-09-21
13h13 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0.2:::::::*

Informations

Vendor

ibm

Product

engineering_lifecycle_optimization

Version

7.0.2

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-45191	2024-02-09 00h34 +00:00	IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 268755.	7.5	High
CVE-2023-45190	2024-02-09 00h32 +00:00	IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 268754.	6.1	Medium
CVE-2023-45187	2024-02-09 00h29 +00:00	IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 268749.	8.8	High
CVE-2021-29786	2021-10-27 16h00 +00:00	IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.	6.5	Medium
CVE-2021-29774	2021-10-27 16h00 +00:00	IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025.	7.5	High
CVE-2021-29713	2021-10-27 16h00 +00:00	IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.	5.4	Medium
CVE-2021-29673	2021-10-27 16h00 +00:00	IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199482.	5.4	Medium
CVE-2021-20507	2021-07-19 16h00 +00:00	IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198235.	5.4	Medium
CVE-2020-5031	2021-07-19 16h00 +00:00	IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 193738.	5.4	Medium

IBM Engineering Lifecycle Optimization 7.0.2

CPE Details

CPE Name: cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0.2:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0.2:::::::*