Vulnerabilities > IBM > Rational Quality Manager

DATE CVE VULNERABILITY TITLE RISK
2021-06-02 CVE-2021-20346 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20347 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20348 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20371 Information Exposure Through an Error Message vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is returned in the browser.
network
low complexity
ibm CWE-209
6.5
2021-06-02 CVE-2021-29668 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-06-02 CVE-2021-29670 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-04-12 CVE-2021-20519 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-04-12 CVE-2020-4965 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products
IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2021-04-12 CVE-2020-4964 Unspecified vulnerability in IBM products
IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users.
network
low complexity
ibm
4.3
2021-04-12 CVE-2020-4920 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4