VYPR

Engineering Lifecycle Optimization - Engineering Insights

by IBM

CVEs (3)

  • CVE-2024-39726HigNov 15, 2024
    risk 0.53cvss 8.2epss 0.01

    IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.

  • CVE-2024-39727MedDec 25, 2024
    risk 0.40cvss 6.1epss 0.00

    IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web…

  • CVE-2024-39725MedDec 25, 2024
    risk 0.34cvss 5.3epss 0.00

    IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.