Vulnerabilities > IBM > Engineering Lifecycle Optimization > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-09 CVE-2023-45187 Unspecified vulnerability in IBM Engineering Lifecycle Optimization 7.0.2/7.0.3
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm
8.8
2024-02-09 CVE-2023-45191 Unspecified vulnerability in IBM Engineering Lifecycle Optimization 7.0.2/7.0.3
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
network
low complexity
ibm
7.5
2021-10-27 CVE-2021-29774 Unspecified vulnerability in IBM products
IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations.
network
high complexity
ibm
7.5
2021-10-27 CVE-2021-29844 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
8.8