Engineering workflow management
This hub aggregates every CVE we track for Engineering workflow management, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
50
CVEs tracked
0
Critical
4
High
0
In CISA KEV
Severity distribution
MEDIUM46HIGH4
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Engineering workflow management.
- CVE-2024-51454IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities Host Header Injection observed6.5
- CVE-2025-33128IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities HTML / XSS Injection observed5.4
- CVE-2024-28793IBM Engineering Workflow Management cross-site scripting4.9
- CVE-2020-4989IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. ...4.3
- CVE-2021-29701IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6.0.6 and 6.0.6.1 could allow an authneticated attacker to obtain sensitive information from build def...4.3
- CVE-2021-29844IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to net...8.8
- CVE-2021-29786IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.6.5
- CVE-2021-29774IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025.7.5
- CVE-2021-29713IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten...5.4
- CVE-2021-29673IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten...5.4
- CVE-2020-5004IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potent...5.4
- CVE-2020-4974IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to net...6.3
- CVE-2021-20507IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended ...5.4
- CVE-2020-5031IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended ...5.4
- CVE-2021-20519IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten...5.4
Product normalization is registry-driven with AI assist and human review. How it works