Ibm Jazz_for_service_management

30 CVEs affecting Ibm Jazz_for_service_management. Latest disclosed: 2025-10-31. Critical: 0, High: 5.

Top CVEs affecting Ibm Jazz_for_service_management
CVESeverityScorePublishedSummary
CVE-2017-1746High8.82017-12-20IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious an…
CVE-2017-1631High8.82017-12-20IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious an…
CVE-2016-9975High8.82017-02-24IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthoriz…
CVE-2021-29831High8.12021-09-21IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to an XML External Entity Injection (XXE) attack when processing XML…
CVE-2019-4193High7.52019-07-11IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parti…
CVE-2021-29816Medium6.52021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site request forgery which could allow an attacker to execut…
CVE-2024-52892Medium6.12025-02-06IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed ar…
CVE-2019-4186Medium6.12019-09-05IBM Jazz for Service Management 1.1.3 is vulnerable to HTTP header injection, caused by incorrect trust in the HTTP Host header during caching. By sending a sp…
CVE-2019-4201Medium6.12019-06-06IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persua…
CVE-2016-5935Medium5.92017-02-02IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate…
CVE-2021-29904Medium5.52021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user. IB…
CVE-2019-4275Medium5.52019-08-02IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow an unauthorized local user to create unique catalog names that could cause a denial of…
CVE-2022-35722Medium5.42022-09-28IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI…
CVE-2022-35721Medium5.42022-09-23IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the W…
CVE-2021-38877Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in th…
CVE-2021-29905Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site scripting. This vulnerability allows users to embed arb…
CVE-2021-29833Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…
CVE-2021-29832Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…
CVE-2021-29815Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…
CVE-2021-29814Medium5.42021-09-23IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to em…