CVE-2026-4051

Summary

IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privileges to execute remote code due to exposed method that is not properly restricted.

Affected Software

VendorProductVersion RangeStatus
IBMEngineering Lifecycle Management7.0.3 <= Interim Fix 021affected
IBMEngineering Lifecycle Management7.1.0 <= Interim Fix 009affected
IBMEngineering Lifecycle Management7.2.0 <= Interim Fix 001affected

Weaknesses

  • CWE-749: CWE-749 Exposed Dangerous Method or Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References