Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jazz reporting service vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-4651
IBM Jazz Reporting Service (JRS) 6.0.6.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 170962.
Ibm Jazz Reporting Service 6.0.6.1
8.8
CVSSv3
CVE-2016-0315
The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x prior to 5.0.2 ifix016 and 6.x prior to 6.0.1 ifix005 maintain session ID validity after a logout action, which allows remote authenticated users to hijack sessions by leveraging an una...
Ibm Jazz Reporting Service 6.0.1
Ibm Jazz Reporting Service 5.0.2
Ibm Jazz Reporting Service 5.0
Ibm Jazz Reporting Service 6.0
Ibm Jazz Reporting Service 5.0.1
8.8
CVSSv3
CVE-2016-2889
Cross-site request forgery (CSRF) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x prior to 5.0.2 ifix016, 6.0 and 6.0.1 prior to 6.0.1 ifix005, and 6.0.2 before ifix002 allows remote authenticated users to hijack the...
Ibm Jazz Reporting Service 5.0.1
Ibm Jazz Reporting Service 5.0
Ibm Jazz Reporting Service 6.0.2
Ibm Jazz Reporting Service 6.0.1
Ibm Jazz Reporting Service 6.0
Ibm Jazz Reporting Service 5.0.2
8.8
CVSSv3
CVE-2015-7465
Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 prior to 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Jazz Reporting Service 6.0
7.5
CVSSv3
CVE-2016-0319
The XML parser in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 prior to 6.0.1 iFix006 allows remote authenticated administrators to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conju...
Ibm Jazz Reporting Service 6.0
Ibm Jazz Reporting Service 6.0.1
7.5
CVSSv3
CVE-2015-7464
Report Builder in IBM Jazz Reporting Service (JRS) 5.x prior to 5.0.2-Rational-CLM-ifix011 and 6.0 prior to 6.0.0-Rational-CLM-ifix005 allows remote malicious users to cause a denial of service (Report Builder server outage) via a crafted request to a Report Builder instance URL.
Ibm Jazz Reporting Service 5.0.1
Ibm Jazz Reporting Service 5.0
Ibm Jazz Reporting Service 6.0
Ibm Jazz Reporting Service 5.0.2
7.5
CVSSv3
CVE-2015-7470
Report Builder in IBM Jazz Reporting Service (JRS) 5.x prior to 5.0.2-Rational-CLM-ifix011 and 6.0 prior to 6.0.0-Rational-CLM-ifix005 allows man-in-the-middle malicious users to obtain sensitive information via unspecified vectors, as demonstrated by login information.
Ibm Jazz Reporting Service 6.0
Ibm Jazz Reporting Service 5.0
Ibm Jazz Reporting Service 5.0.1
Ibm Jazz Reporting Service 5.0.2
6.5
CVSSv3
CVE-2018-1639
The Report Builder of Jazz Reporting Service 5.0 up to and including 5.0.2 and 6.0 up to and including 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges. IBM X-Force ID: 144579.
Ibm Jazz Reporting Service
6.5
CVSSv3
CVE-2016-0317
Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 prior to 6.0.1 iFix006 allows remote malicious users to conduct clickjacking attacks via unspecified vectors.
Ibm Jazz Reporting Service 6.0
Ibm Jazz Reporting Service 6.0.1
6.5
CVSSv3
CVE-2016-0314
The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x prior to 5.0.2 ifix016 and 6.x prior to 6.0.1 ifix005 allow remote authenticated users to conduct clickjacking attacks via unspecified vectors.
Ibm Jazz Reporting Service 6.0.1
Ibm Jazz Reporting Service 5.0
Ibm Jazz Reporting Service 6.0
Ibm Jazz Reporting Service 5.0.2
Ibm Jazz Reporting Service 5.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »