Lucene search
K
IbmEngineering Lifecycle Management7.0.3

4 matches found

CVE
CVE
added 2026/02/03 10:12 p.m.31 views

CVE-2025-36033

CVE-2025-36033 affects IBM Engineering Lifecycle Management - Global Configuration Management (Jazz Foundation) versions 7.0.3 with iFix017 and 7.1.0 with iFix004. The issue is a cross-site scripting vulnerability that allows an authenticated user to inject JavaScript into the Web UI, potentially...

5.4CVSS5AI score0.00136EPSS
CVE
CVE
added 2026/05/26 6:17 p.m.23 views

CVE-2026-3603

The CVE-2026-3603 issue affects IBM Engineering Lifecycle Management – Jazz Foundation components: 7.0.3 (iFix001–iFix021), 7.1.0 (iFix001–iFix009), and 7.2.0 (iFix001–iFix002). A XML external entity (XXE) vulnerability arises when processing XML data, allowing an authenticated attacker to potent...

7.1CVSS5.8AI score0.00354EPSS
CVE
CVE
added 2026/05/26 6:12 p.m.21 views

CVE-2026-4051

CVE-2026-4051 concerns IBM Engineering Lifecycle Management - Jazz Foundation. Affected products/versions: 7.0.3 (through iFix021), 7.1.0 (through iFix009), 7.2.0 (through iFix001). Root cause: an exposed method that is not properly restricted, enabling a user with administrative privileges to pe...

7.2CVSS6.2AI score0.00369EPSS
CVE
CVE
added 2026/05/26 6:23 p.m.19 views

CVE-2026-3660

CVE-2026-3660 affects IBM Engineering Lifecycle Management – Jazz Foundation components: 7.0.3 (through iFix021), 7.1.0 (through iFix009), and 7.2.0 (through iFix001). The issue arises from an unauthorized modification path that allows an unauthenticated remote attacker to update server property ...

9.8CVSS5.8AI score0.0058EPSS