IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 268755.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NIBM Engineering Lifecycle Optimization
APPIbm7.0.27.0.3
Related vulnerabilities
IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authentic...
IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain co...
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross-site scriptin...
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by impro...
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session after logout w...