IBM Engineering Lifecycle Optimization 7.0.3

CPE Details

IBM Engineering Lifecycle Optimization 7.0.3
ibm
engineering_lifecycle_optimization
7.0.3
2024-04-12
10h17 +00:00
2024-04-12
10h17 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0.3:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

engineering_lifecycle_optimization

Version

7.0.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-45191 2024-02-09 00h34 +00:00 IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 268755.
7.5
High
CVE-2023-45190 2024-02-09 00h32 +00:00 IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 268754.
6.1
Medium
CVE-2023-45187 2024-02-09 00h29 +00:00 IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 268749.
8.8
High