IBM Engineering Lifecycle Optimization 7.0

CPE Details

IBM Engineering Lifecycle Optimization 7.0
ibm
engineering_lifecycle_optimization
7.0
2021-07-20
10h41 +00:00
2021-09-21
13h13 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

engineering_lifecycle_optimization

Version

7.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-29844 2021-10-27 16h00 +00:00 IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
8.8
High
CVE-2021-29786 2021-10-27 16h00 +00:00 IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.
6.5
Medium
CVE-2021-29713 2021-10-27 16h00 +00:00 IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
5.4
Medium
CVE-2021-20507 2021-07-19 16h00 +00:00 IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198235.
5.4
Medium
CVE-2020-5031 2021-07-19 16h00 +00:00 IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 193738.
5.4
Medium