ibm rational_engineering_lifecycle_manager CVE Vulnerabilities (141)

CVEs: 141 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting ibm rational_engineering_lifecycle_manager (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 2140 of 141 CVEs
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2020-4732 IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security restrictions. IBM X-Force ID: 188126. [email protected] 6.5 0.80% 2021-06-02 2026-06-16
CVE-2020-4495 IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access control. By sending a specially-crafted request to the REST API, an attacker could exploit this vulnerability to bypass access restrictions, and execute arbitrary actions with administrative privileges. IBM X-Force ID: 182114. [email protected] 8.8 2.65% 2021-06-02 2026-06-16
CVE-2021-20519 IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198441. [email protected] 5.4 0.62% 2021-04-12 2026-06-16
CVE-2020-4965 IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422. [email protected] 7.5 0.72% 2021-04-12 2026-06-16
CVE-2020-4964 IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users. IBM X-Force ID: 192419. [email protected] 4.3 0.64% 2021-04-12 2026-06-16
CVE-2020-4920 IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191396. [email protected] 5.4 0.62% 2021-04-12 2026-06-16
CVE-2021-20520 IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198572. [email protected] 5.4 0.50% 2021-03-30 2026-06-16
CVE-2021-20518 IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198437. [email protected] 5.4 0.50% 2021-03-30 2026-06-16
CVE-2021-20506 IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198231. [email protected] 5.4 0.50% 2021-03-30 2026-06-16
CVE-2021-20504 IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198231. [email protected] 5.4 0.50% 2021-03-30 2026-06-16
CVE-2021-20503 IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198182. [email protected] 5.4 0.50% 2021-03-30 2026-06-16
CVE-2021-20502 IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 198059. [email protected] 7.1 1.40% 2021-03-30 2026-06-16
CVE-2021-20447 IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196623. [email protected] 5.4 0.50% 2021-03-30 2026-06-16
CVE-2021-20352 IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194710. [email protected] 5.4 0.50% 2021-03-30 2026-06-16
CVE-2021-20357 IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963. [email protected] 5.4 0.66% 2021-01-27 2026-06-16
CVE-2020-4865 IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741. [email protected] 5.4 0.66% 2021-01-27 2026-06-16
CVE-2020-4855 IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190457. [email protected] 5.4 0.66% 2021-01-27 2026-06-16
CVE-2020-4547 IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 183315. [email protected] 5.4 0.82% 2021-01-27 2026-06-16
CVE-2020-4524 IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182434. [email protected] 5.4 0.66% 2021-01-27 2026-06-16
CVE-2020-4733 IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188127. [email protected] 5.4 0.55% 2021-01-08 2026-06-16
cvelogic Threat Intelligence