Ibm Jazz For Service Management
26 CVEs affecting Ibm Jazz For Service Management. Latest disclosed: 2025-10-31. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-29831 | High | 8.1 | 2021-09-21 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to an XML External Entity Injection (XXE) attack when processing XML… |
CVE-2019-4193 | High | 7.5 | 2019-07-11 | IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parti… |
CVE-2021-29816 | Medium | 6.5 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site request forgery which could allow an attacker to execut… |
CVE-2024-52892 | Medium | 6.1 | 2025-02-06 | IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed ar… |
CVE-2019-4186 | Medium | 6.1 | 2019-09-05 | IBM Jazz for Service Management 1.1.3 is vulnerable to HTTP header injection, caused by incorrect trust in the HTTP Host header during caching. By sending a sp… |
CVE-2019-4201 | Medium | 6.1 | 2019-06-06 | IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persua… |
CVE-2021-29904 | Medium | 5.5 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user. IB… |
CVE-2019-4275 | Medium | 5.5 | 2019-08-02 | IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow an unauthorized local user to create unique catalog names that could cause a denial of… |
CVE-2022-35722 | Medium | 5.4 | 2022-09-28 | IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI… |
CVE-2022-35721 | Medium | 5.4 | 2022-09-23 | IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the W… |
CVE-2021-38877 | Medium | 5.4 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in th… |
CVE-2021-29905 | Medium | 5.4 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site scripting. This vulnerability allows users to embed arb… |
CVE-2021-29833 | Medium | 5.4 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em… |
CVE-2021-29832 | Medium | 5.4 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em… |
CVE-2021-29815 | Medium | 5.4 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em… |
CVE-2021-29814 | Medium | 5.4 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em… |
CVE-2021-29813 | Medium | 5.4 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em… |
CVE-2021-29812 | Medium | 5.4 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em… |
CVE-2021-29810 | Medium | 5.4 | 2021-09-23 | IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em… |
CVE-2021-29800 | Medium | 5.4 | 2021-09-23 | IBM Tivoli Netcool/OMNIbus_GUI and IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to em… |