Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
IBM Engineering Lifecycle Management 7.0.3 ( through ) Interim Fix 021, 7.1.0 ( through ) Interim Fix 009, and 7.2.0 ( through ) Interim Fix 001 could allow an unauthenticated remote attacker to update server property files that would allow them to gain unauthorized access to the application.
AnalysisAI
Authorization bypass in IBM Engineering Lifecycle Management (ELM) 7.0.3, 7.1.0, and 7.2.0 allows unauthenticated remote attackers to modify server property files and gain unauthorized access to the application. The flaw carries a critical CVSS 9.8 score with full confidentiality, integrity, and availability impact, and IBM has released Interim Fixes addressing it. No public exploit identified at time of analysis, and EPSS exploitation probability is very low (0.03%, 10th percentile).
Technical ContextAI
IBM Engineering Lifecycle Management is an enterprise suite for application lifecycle management used across requirements, design, quality, and configuration management workflows (covered by cpe:2.3:a:ibm:engineering_lifecycle_management). The root cause is CWE-863 (Incorrect Authorization), meaning the application performs an authorization check but applies the wrong logic or fails to enforce restrictions on a privileged action. In this case, the server exposes a code path that allows modification of property files - configuration data that the server trusts at runtime - without first validating that the caller is authenticated or authorized, effectively turning a configuration management primitive into an authentication bypass.
RemediationAI
Apply the IBM-released Interim Fixes documented at https://www.ibm.com/support/pages/node/7274079 - specifically upgrade beyond Interim Fix 021 for 7.0.3, beyond Interim Fix 009 for 7.1.0, and beyond Interim Fix 001 for 7.2.0 (Patch available per vendor advisory). Until the fix is applied, restrict network access to ELM server endpoints to trusted management networks or VPN-only reachability via firewall or reverse-proxy ACLs, which neutralizes the AV:N attack vector at the cost of breaking remote integrations and external client tooling. Additionally, monitor for unexpected writes to server property files on ELM hosts and review property-file integrity against a known-good baseline; this is a detection-only control and will not block exploitation, but it provides high-fidelity evidence of an attempt.
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0, v.15.0 and v.16.0 fix
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0, v.15.0 and v.16.0 fix
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0, v.15.0 and v.16.0 fix
Remote code execution in IBM Engineering Lifecycle Management (ELM) versions 7.0.3 through Interim Fix 021, 7.1.0 throug
XML External Entity (XXE) injection in IBM Engineering Lifecycle Management (ELM) 7.0.3, 7.1.0, and 7.2.0 allows authent
IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. R
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an e
Engineering Lifecycle Management versions up to 7.0.3 is affected by cross-site scripting (xss) (CVSS 5.4).
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). Rated medium seve
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). Rated medium seve
Same weakness CWE-863 – Incorrect Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31954
GHSA-cxh9-m8x4-52q5