CVE-2021-29844

IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/205205	VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/6508583	Patch Vendor Advisory

Configuration 1

cpe:2.3:a:ibm:rational_team_concert:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_doors_next_generation:6.0.6.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_doors_next_generation:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_team_concert:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_team_concert:6.0.6.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:7.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_workflow_management:7.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_workflow_management:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_workflow_management:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_requirements_quality_assistant_on-premises:-:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_doors_next_generation:7.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_doors_next_generation:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_doors_next_generation:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_lifecycle_optimization:7.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_lifecycle_optimization:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_lifecycle_optimization:6.0.6.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:rational_rhapsody_design_manager:-:*:*:*:*:*:*:*

---

Published : 2021-10-27 04:15

Updated : 2021-11-02 03:10

---

NVD link : CVE-2021-29844

Mitre link : CVE-2021-29844

No products.

CWE-918

Server-Side Request Forgery (SSRF)