Engineering Lifecycle Optimization Publishing@6.0.6 Security Vulnerabilities and Issues — Engineering Lifecycle Optimization Publishing@6.0.6 CVE List

Lucene search

IbmEngineering Lifecycle Optimization Publishing6.0.6

5 matches found

CVE•added 2022/07/14 5:15 p.m.•58 views

CVE-2021-39017

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 213725.

6.5CVSS6.3AI score0.00211EPSS

CVE•added 2022/07/14 5:15 p.m.•55 views

CVE-2021-39016

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722.

4.3CVSS4.5AI score0.00246EPSS

CVE•added 2022/07/14 5:15 p.m.•49 views

CVE-2021-39028

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site s...

5.4CVSS5.2AI score0.00221EPSS

CVE•added 2022/07/14 5:15 p.m.•48 views

CVE-2021-39018

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. IBM X-Force ID: 213726.

4.3CVSS4.5AI score0.00234EPSS

CVE•added 2022/07/14 5:15 p.m.•33 views

CVE-2021-39019

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. IBM X-Force ID: 213728.

6.5CVSS6AI score0.00258EPSS