Vulnerabilities > IBM > Engineering Lifecycle Optimization Engineering Insights

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2024-39726 XXE vulnerability in IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2/7.0.3
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
8.2
8.2
2021-07-28 CVE-2020-4974 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF).
network
low complexity
ibm CWE-918
6.3
6.3
2021-07-28 CVE-2020-5004 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-06-02 CVE-2020-4495 Unspecified vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access control.
network
low complexity
ibm
8.8
8.8
2021-06-02 CVE-2020-4732 Unspecified vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security restrictions.
network
low complexity
ibm
6.5
6.5
2021-06-02 CVE-2020-4977 Cross-site Scripting vulnerability in IBM products
IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-06-02 CVE-2020-5030 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-06-02 CVE-2021-20338 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-06-02 CVE-2021-20343 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
5.4
2021-06-02 CVE-2021-20345 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
5.4