threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm collaborative lifecycle management
Product
ibm collaborative lifecycle management
29 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2022-34355
all versions
IBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) could disclose sensitive version
4.0
MEDIUM
CVE-2021-29670
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2021-29668
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2021-20371
all versions
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error messa
6.5
MEDIUM
CVE-2021-20348
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20347
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20346
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20345
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20343
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20338
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-5030
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-4977
all versions
IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. This vulnerability allows users
5.4
MEDIUM
CVE-2020-4732
all versions
IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of
6.5
MEDIUM
CVE-2020-4495
all versions
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper
8.8
HIGH
CVE-2021-20519
all versions
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip
5.4
MEDIUM
CVE-2020-4965
all versions
IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sen
7.5
HIGH
CVE-2020-4964
all versions
IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized
4.3
MEDIUM
CVE-2020-4920
all versions
IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary Ja
5.4
MEDIUM
CVE-2021-20357
all versions
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4865
all versions
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4855
all versions
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4547
all versions
IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to
5.4
MEDIUM
CVE-2020-4524
all versions
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4733
all versions
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4697
all versions
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4691
all versions
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4544
all versions
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message
4.3
MEDIUM
CVE-2020-4487
all versions
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message
4.3
MEDIUM
CVE-2019-4748
all versions
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin