Severity
Medium
Analysis Summary
CVE-2021-39019
IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2021-39019
Affected Vendors
IBM
Affected Products
- IBM Engineering Lifecycle Optimization Publishing 6.0.6
- IBM Engineering Lifecycle Optimization Publishing 6.0.6.1
- IBM Engineering Lifecycle Optimization Publishing 7.0
- IBM Engineering Lifecycle Optimization Publishing 7.0.1
Remediation
Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.