CVE-2021-39016IBM Engineering Lifecycle Optimization Publishing vulnerability

3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.1%
top 65.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Engineering Lifecycle Optimization Publishing
Timeline
PublishedJul 14
Latest updateJul 15

Description

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-g28g-9v8x-765w: IBM Engineering Lifecycle Optimization - Publishing 62022-07-15
CVEList
CVE-2021-39016: IBM Engineering Lifecycle Optimization - Publishing 62022-07-14
CVE-2021-39016 — IBM vulnerability | cvebase