IBM Engineering Lifecycle Optimization 7.0.3

CPE Details

IBM Engineering Lifecycle Optimization 7.0.3
ibm
engineering_lifecycle_optimization
7.0.3
2024-04-12
10h17 +00:00
2024-04-12
10h17 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0.3:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

engineering_lifecycle_optimization

Version

7.0.3

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-45191 2024-02-09 00h34 +00:00 IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 268755.
7.5
Haute
CVE-2023-45190 2024-02-09 00h32 +00:00 IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 268754.
6.1
Moyen
CVE-2023-45187 2024-02-09 00h29 +00:00 IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 268749.
8.8
Haute