IBM Rational Engineering Lifecycle Manager 7.0

CPE Details

IBM Rational Engineering Lifecycle Manager 7.0
ibm
rational_engineering_lifecycle_manager
7.0
2020-11-03
18h27 +00:00
2020-11-03
18h27 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:7.0:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

rational_engineering_lifecycle_manager

Version

7.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-29844 2021-10-27 16h00 +00:00 IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
8.8
Haute
CVE-2021-29786 2021-10-27 16h00 +00:00 IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.
6.5
Moyen
CVE-2021-29774 2021-10-27 16h00 +00:00 IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025.
7.5
Haute
CVE-2021-29713 2021-10-27 16h00 +00:00 IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
5.4
Moyen
CVE-2021-29673 2021-10-27 16h00 +00:00 IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199482.
5.4
Moyen
CVE-2021-20507 2021-07-19 16h00 +00:00 IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198235.
5.4
Moyen
CVE-2020-5031 2021-07-19 16h00 +00:00 IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 193738.
5.4
Moyen
CVE-2020-4546 2020-09-02 18h25 +00:00 IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314.
5.4
Moyen
CVE-2020-4522 2020-09-02 18h25 +00:00 IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182397.
5.4
Moyen
CVE-2020-4445 2020-09-02 18h25 +00:00 IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181122.
5.4
Moyen