Engineering Lifecycle Optimization Publishing Security Vulnerabilities and Issues — Engineering Lifecycle Optimization Publishing CVE List

Lucene search

IbmEngineering Lifecycle Optimization Publishing

4 matches found

CVE•added 2022/07/14 5:15 p.m.•58 views

CVE-2021-39017

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 213725.

6.5CVSS6.3AI score0.00112EPSS

CVE•added 2025/01/04 3:15 p.m.•41 views

CVE-2024-41765

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

6.5CVSS6.4AI score0.00078EPSS

CVE•added 2025/01/04 3:15 p.m.•41 views

CVE-2024-41768

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause an unhandled SSL exception which could leave the connection in an unexpected or insecure state.

6.5CVSS6.3AI score0.00116EPSS

CVE•added 2022/07/14 5:15 p.m.•33 views

CVE-2021-39019

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. IBM X-Force ID: 213728.

6.5CVSS6AI score0.00186EPSS