Engineering Lifecycle Optimization - Publishing Security Vulnerabilities and Issues — Engineering Lifecycle Optimization - Publishing CVE List

Lucene search

IbmEngineering Lifecycle Optimization - Publishing

3 matches found

CVE•added 2022/07/14 5:15 p.m.•55 views

CVE-2021-39016

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722.

4.3CVSS4.5AI score0.00145EPSS

CVE•added 2022/07/14 5:15 p.m.•48 views

CVE-2021-39018

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. IBM X-Force ID: 213726.

4.3CVSS4.5AI score0.00126EPSS

CVE•added 2020/07/16 3:15 p.m.•34 views

CVE-2020-4316

IBM Publishing Engine 6.0.6, 6.0.6.1, and 7.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...

4.7CVSS4.3AI score0.00172EPSS