Ibm Jazz For Service Management

26 CVEs affecting Ibm Jazz For Service Management. Latest disclosed: 2025-10-31. Critical: 0, High: 2.

Top CVEs affecting Ibm Jazz For Service Management
CVESeverityScorePublishedSummary
CVE-2021-29831High8.12021-09-21IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to an XML External Entity Injection (XXE) attack when processing XML…
CVE-2019-4193High7.52019-07-11IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parti…
CVE-2021-29816Medium6.52021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site request forgery which could allow an attacker to execut…
CVE-2024-52892Medium6.12025-02-06IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed ar…
CVE-2019-4186Medium6.12019-09-05IBM Jazz for Service Management 1.1.3 is vulnerable to HTTP header injection, caused by incorrect trust in the HTTP Host header during caching. By sending a sp…
CVE-2019-4201Medium6.12019-06-06IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persua…
CVE-2021-29904Medium5.52021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user. IB…
CVE-2019-4275Medium5.52019-08-02IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow an unauthorized local user to create unique catalog names that could cause a denial of…
CVE-2022-35722Medium5.42022-09-28IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI…
CVE-2022-35721Medium5.42022-09-23IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the W…
CVE-2021-38877Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in th…
CVE-2021-29905Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site scripting. This vulnerability allows users to embed arb…
CVE-2021-29833Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…
CVE-2021-29832Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…
CVE-2021-29815Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…
CVE-2021-29814Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…
CVE-2021-29813Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…
CVE-2021-29812Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…
CVE-2021-29810Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…
CVE-2021-29800Medium5.42021-09-23IBM Tivoli Netcool/OMNIbus_GUI and IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to em…