cbcvebase.
CVE-2021-20502
published 2021-03-30

CVE-2021-20502: IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this…

high7.1CVSS 3.1
AVNACLPRLUINSUCHINAL
IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 198059.

Affected

18 ranges
VendorProductVersion rangeFixed in
ibmengineering_insights
ibmengineering_insights
ibmengineering_insights
ibmengineering_lifecycle_management
ibmengineering_lifecycle_optimization
ibmengineering_lifecycle_optimization
ibmengineering_lifecycle_optimization
ibmengineering_workflow_management
ibmengineering_workflow_management
ibmengineering_workflow_management
ibmengineering_workflow_management
ibmrational_engineering_lifecycle_manager
ibmrational_engineering_lifecycle_manager
ibmrational_engineering_lifecycle_manager
ibmrational_team_concert
ibmrational_team_concert
ibmrational_team_concert
ibmrational_team_concert