IBM Jazz Foundation Relative Path Traversal Vulnerability Allowing File Upload

Vulnerability

A relative path traversal vulnerability has been identified in IBM Jazz Foundation versions 7.0.2 prior to iFix034, 7.0.3 prior to iFix014, and 7.1.0 prior to iFix003. This vulnerability could allow an authenticated user to upload files to the system because the product improperly neutralizes sequences that could resolve to a restricted directory.
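
The weakness class described above, shown as an added Python example that is not IBM's code and does not reflect Jazz Foundation internals: a naive join of a client-supplied upload name beside a containment check on the resolved path. The function names, the `uploads` directory and the sample names are hypothetical and constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


class UnsafeUploadPath(ValueError):
    """The client-supplied name would land outside the upload root."""


def naive_destination(upload_root: Path, client_name: str) -> Path:
    # Vulnerable pattern: the name is joined as-is, so relative segments
    # supplied by the client decide where the file is written.
    return Path(os.path.normpath(upload_root / client_name))


def safe_destination(upload_root: Path, client_name: str) -> Path:
    if not client_name or "\x00" in client_name:
        raise UnsafeUploadPath("empty name or NUL byte")
    root = upload_root.resolve(strict=True)
    # Treat backslashes as separators so Windows-style names are judged the
    # same way on every platform, then resolve relative segments and symlinks.
    candidate = (root / client_name.replace("\\", "/")).resolve()
    # The resolved path must be strictly inside the root, never the root itself.
    if candidate == root or not candidate.is_relative_to(root):
        raise UnsafeUploadPath(f"{client_name!r} resolves outside {root}")
    return candidate


def triage(upload_root: Path, names: list[str]) -> dict[str, bool]:
    """Map each name to True if safe_destination accepts it."""
    verdicts = {}
    for name in names:
        try:
            safe_destination(upload_root, name)
            verdicts[name] = True
        except UnsafeUploadPath:
            verdicts[name] = False
    return verdicts


if __name__ == "__main__":
    # Constructed sample names, not taken from the advisory.
    samples = ["report.pdf", "docs/report.pdf", "../outside.txt",
               "docs/../../outside.txt", "..\\outside.txt", "/tmp/outside.txt"]
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp, "uploads")
        root.mkdir()
        for name, ok in triage(root, samples).items():
            print(f"{name!r:28} {'accept' if ok else 'reject'}")
```

The check compares resolved paths rather than searching the name for particular substrings, so it does not depend on listing every spelling of a relative segment.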

Impact

Exploitation of this vulnerability could lead to unauthorized file uploads, potentially allowing for further attacks such as remote code execution, depending on the uploaded file's nature.

Remediation

Users are advised to upgrade to IBM Jazz Foundation version 7.0.2 iFix035, 7.0.3 iFix015, or 7.1.0 iFix004. Instructions for downloading these fixes are available on the IBM Support Fix Central website.

Added: Sep 4, 2025, 3:25 PM
Updated: Sep 4, 2025, 6:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 0.6
exploitability: 4.9
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.