threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm engineering lifecycle optimization engineering insights
Product
ibm engineering lifecycle optimization engineering insights
18 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-39727
all versions
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an ext
6.1
MEDIUM
CVE-2024-39725
all versions
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 could allow a remote attacker to obtain sensitive in
5.3
MEDIUM
CVE-2024-39726
all versions
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (X
8.2
HIGH
CVE-2020-5004
all versions
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4974
all versions
IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to sen
6.3
MEDIUM
CVE-2021-29670
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2021-29668
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2021-20371
all versions
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error messa
6.5
MEDIUM
CVE-2021-20348
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20347
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20346
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20345
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20343
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20338
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-5030
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-4977
all versions
IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. This vulnerability allows users
5.4
MEDIUM
CVE-2020-4732
all versions
IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of
6.5
MEDIUM
CVE-2020-4495
all versions
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper
8.8
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin