CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2021-39016
https://notcve.org/view.php?id=CVE-2021-39016
14 Jul 2022 — IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722. IBM Engineering Lifecycle Optimization - Publishing versiones 6.0.6, 6.0.6.1, 7.0, 7.0.1 y 7.0.2, no supervisa ni controla suficientemente el volumen de tráfico de red transmitido, por lo que un actor puede causar que... • https://exchange.xforce.ibmcloud.com/vulnerabilities/213722 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-39015
https://notcve.org/view.php?id=CVE-2021-39015
14 Jul 2022 — IBM Engineering Lifecycle Optimization - Publishing 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213655. IBM Engineering Lifecycle Optimization - Publishing versiones 7.0, 7.0.1 y 7.0.2, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios inse... • https://exchange.xforce.ibmcloud.com/vulnerabilities/213655 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 25EXPL: 0CVE-2021-29670
https://notcve.org/view.php?id=CVE-2021-29670
02 Jun 2021 — IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199408. Los productos IBM Jazz Foundation e IBM Engineering son vulnerables a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Us... • https://exchange.xforce.ibmcloud.com/vulnerabilities/199408 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 25EXPL: 0CVE-2021-29668
https://notcve.org/view.php?id=CVE-2021-29668
02 Jun 2021 — IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199406. Los productos IBM Jazz Foundation e IBM Engineering son vulnerables a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Us... • https://exchange.xforce.ibmcloud.com/vulnerabilities/199406 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 25EXPL: 0CVE-2021-20371
https://notcve.org/view.php?id=CVE-2021-20371
02 Jun 2021 — IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195516. Los productos IBM Jazz Foundation e IBM Engineering podrían permitir a un atacante remoto obtener información confidencial cuando un mensaje de error es devuelto en el navegador. Esta información podría ser usada en posteriores ataques contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/195516 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2021-20348
https://notcve.org/view.php?id=CVE-2021-20348
02 Jun 2021 — IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-ForceID: 194597. Los productos IBM Jazz Foundation e IBM Engineering son vulnerables a ataques de tipo server-side request forgery (SSRF). Esto puede permitir a un atacante autenticado enviar peticiones no autorizadas desde el sistema, lo qu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/194597 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2021-20347
https://notcve.org/view.php?id=CVE-2021-20347
02 Jun 2021 — IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 194596. Los productos IBM Jazz Foundation e IBM Engineering son vulnerables a ataques de tipo server-side request forgery (SSRF). Esto puede permitir a un atacante autenticado enviar peticiones no autorizadas desde el sistema, lo q... • https://exchange.xforce.ibmcloud.com/vulnerabilities/194596 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2021-20346
https://notcve.org/view.php?id=CVE-2021-20346
02 Jun 2021 — IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 194595. Los productos IBM Jazz Foundation e IBM Engineering son vulnerables a ataques de tipo server-side request forgery (SSRF). Esto puede permitir a un atacante autenticado enviar peticiones no autorizadas desde el sistema, lo q... • https://exchange.xforce.ibmcloud.com/vulnerabilities/194595 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2021-20345
https://notcve.org/view.php?id=CVE-2021-20345
02 Jun 2021 — IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 194594. Los productos IBM Jazz Foundation e IBM Engineering son vulnerables a ataques de tipo server-side request forgery (SSRF). Esto puede permitir a un atacante autenticado enviar peticiones no autorizadas desde el sistema, lo q... • https://exchange.xforce.ibmcloud.com/vulnerabilities/194594 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2021-20343
https://notcve.org/view.php?id=CVE-2021-20343
02 Jun 2021 — IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 194593. Los productos IBM Jazz Foundation e IBM Engineering son vulnerables a ataques de tipo server-side request forgery (SSRF). Esto puede permitir a un atacante autenticado enviar peticiones no autorizadas desde el sistema, lo q... • https://exchange.xforce.ibmcloud.com/vulnerabilities/194593 • CWE-918: Server-Side Request Forgery (SSRF) •