Ibm

Collaborative Lifecycle Management

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-34355

  • EPSS 0.02%
  • Veröffentlicht 06.10.2023 21:15:10
  • Zuletzt bearbeitet 21.11.2024 07:09:20

IBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) could disclose sensitive version information to a user that could be used in further attacks against the system. IBM X-Force ID: 230498.

5.4

CVE-2021-29670

  • EPSS 0.21%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:37

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...

5.4

CVE-2021-29668

  • EPSS 0.21%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:36

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...

6.5

CVE-2021-20371

  • EPSS 0.14%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:28

IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195...

5.5

CVE-2021-20348

  • EPSS 0.09%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:26

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating ...

5.5

CVE-2021-20347

  • EPSS 0.1%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:26

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating ...

5.5

CVE-2021-20346

  • EPSS 0.15%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:26

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating ...

5.5

CVE-2021-20345

  • EPSS 0.1%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:26

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating ...

5.5

CVE-2021-20343

  • EPSS 0.09%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:25

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating ...

5.4

CVE-2021-20338

  • EPSS 0.19%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:25

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...