Vulnerabilities > IBM > Collaborative Lifecycle Management > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-10-06 CVE-2022-34355 Unspecified vulnerability in IBM products
IBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) could disclose sensitive version information to a user that could be used in further attacks against the system.
local
low complexity
ibm
5.5
2021-06-02 CVE-2020-4732 Unspecified vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security restrictions.
network
low complexity
ibm
6.5
2021-06-02 CVE-2020-4977 Cross-site Scripting vulnerability in IBM products
IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-06-02 CVE-2020-5030 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-06-02 CVE-2021-20338 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-06-02 CVE-2021-20343 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20345 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20346 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20347 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20348 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4