IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 198059.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:LIBM Engineering Insights
APPIbm7.07.0.17.0.2IBM Engineering Lifecycle Management
APPIbm7.0IBM Engineering Requirements Quality Assistant On Premises
APPIbmwszystkie wersjeIBM Engineering Workflow Management
APPIbm7.0.07.0.17.0.2IBM Rational Engineering Lifecycle Manager
APPIbm6.0.26.0.66.0.6.1IBM Rational Team Concert
APPIbm6.0.66.0.6.16.0.6.2
Related vulnerabilities
IBM Engineering Lifecycle Management — nieautoryzowany zapis plików konfiguracyjnych serwera
IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Interim Fix 021, 7.1.0 Interim Fix 001 th...
IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privi...
IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authentic...
IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain co...