CVE-2021-39016
4.3
CVSS:3.0/PR:L/C:N/I:L/UI:N/S:U/AC:L/A:N/AV:N/RL:O/RC:C/E:U
Summary
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Engineering Lifecycle Optimization Publishing | 6.0.6 | affected |
| IBM | Engineering Lifecycle Optimization Publishing | 6.0.6.1 | affected |
| IBM | Engineering Lifecycle Optimization Publishing | 7.0 | affected |
| IBM | Engineering Lifecycle Optimization Publishing | 7.0.1 | affected |
| IBM | Engineering Lifecycle Optimization Publishing | 7.0.2 | affected |
Weaknesses
- Bypass Security
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/6603335
- https://exchange.xforce.ibmcloud.com/vulnerabilities/213722
References
- https://www.ibm.com/support/pages/node/6603335
- https://exchange.xforce.ibmcloud.com/vulnerabilities/213722
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.