7.2
CVE-2026-4051
- EPSS 0.37%
- Veröffentlicht 26.05.2026 18:12:43
- Zuletzt bearbeitet 27.05.2026 15:41:55
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to Server Post-Auth Remote Code Execution
IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privileges to execute remote code due to exposed method that is not properly restricted.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Update-
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix002
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix003
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix004
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix005
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix006
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix007
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix008
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix009
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix010
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix011
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix012
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix013
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix014
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix015
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix016
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix017
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix018
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix019
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix020
Ibm ≫ Engineering Lifecycle Management Version7.0.3 Updateifix021
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Update-
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix001
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix002
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix003
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix004
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix005
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix006
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix007
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix008
Ibm ≫ Engineering Lifecycle Management Version7.1.0 Updateifix009
Ibm ≫ Engineering Lifecycle Management Version7.2.0 Update-
Ibm ≫ Engineering Lifecycle Management Version7.2.0 Updateifix001
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.285 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-749 Exposed Dangerous Method or Function
The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.
https://www.ibm.com/support/pages/node/7274077