Primary

Context

IBM Engineering Lifecycle Management Authentication Bypass Vulnerability Allowing Unauthorized Access

Vulnerability

Patched

An authentication bypass vulnerability has been identified in IBM Engineering Lifecycle Management - Jazz Foundation, affecting versions 7.0.3 (through iFix021), 7.1.0 (through iFix009), and 7.2.0 (through iFix001). This vulnerability could allow an unauthenticated remote attacker to update server property files, potentially leading to unauthorized access to the application.

Impact

Exploitation of this vulnerability could result in unauthorized access to the application.

Remediation

Users are advised to upgrade to version 7.0.3 (iFix022), 7.1.0 (iFix010), or 7.2.0 (iFix002).

Added: May 26, 2026, 10:20 PM

Updated: May 26, 2026, 10:20 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

7.0

remediation

7.7

relevance

9.6

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

7.0

remediation

7.7

relevance

9.6

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Engineering Lifecycle Management Authentication Bypass Vulnerability Allowing Unauthorized Access

Vulnerability

Impact

Remediation

Affected Products

IBM Engineering Lifecycle Management

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating