Engineering_test_management - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Engineering_test_management
(Ibm)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	45

Date	Id	Summary	Products	Score	Patch	Annotated
2021-06-02	CVE-2021-29670	IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199408.	Collaborative_lifecycle_management, Engineering_lifecycle_management, Engineering_lifecycle_optimization_\-_engineering_insights, Engineering_lifecycle_optimization_\-_publishing, Engineering_test_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Removable_media_manager	5.4
2021-07-28	CVE-2020-4974	IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 192434.	Engineering_lifecycle_optimization_\-_engineering_insights, Engineering_requirements_quality_assistant_on\-Premises, Engineering_test_management, Engineering_workflow_management, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_team_concert	6.3
2021-07-28	CVE-2020-5004	IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192957.	Engineering_lifecycle_optimization_\-_engineering_insights, Engineering_requirements_quality_assistant_on\-Premises, Engineering_test_management, Engineering_workflow_management, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_team_concert	5.4
2022-08-29	CVE-2021-38934	IBM Engineering Test Management 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210671.	Engineering_test_management, Rational_quality_manager	5.4
2020-07-16	CVE-2019-4748	IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173174.	Collaborative_lifecycle_management, Doors_next, Engineering_lifecycle_manager, Engineering_test_management, Engineering_workflow_management, Rational_doors_next_generation, Rational_quality_manager, Rational_team_concert, Reference_data_management, Rhapsody_design_manager	N/A