9.8
CVE-2026-3660
- EPSS 0.58%
- Veröffentlicht 26.05.2026 18:23:30
- Zuletzt bearbeitet 29.05.2026 19:31:59
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to Authentication Bypass
IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote attacker to update server property files that would allow them to gain unauthorized access to the application.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Update-
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix002
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix003
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix004
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix005
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix006
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix007
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix008
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix009
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix010
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix011
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix012
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix013
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix014
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix015
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix016
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix017
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix018
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix019
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix020
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix021
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Update-
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix001
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix002
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix003
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix004
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix005
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix006
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix007
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix008
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix009
Ibm ≫ Engineering Lifecycle Management Version7.2.0 Update-
Ibm ≫ Engineering Lifecycle Management Version7.2.0 Updateifix001
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.58% | 0.431 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
https://www.ibm.com/support/pages/node/7274079