CVE-2021-39016
MEDIUMIBM Engineering Lifecycle Optimization - Publishing <7.0.2 - DoS
Title source: llmDescription
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/pages/node/6603335
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/213722
Scores
CVSS v3
4.3
EPSS
0.0014
EPSS Percentile
34.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Details
Status
published
Products (5)
ibm/engineering_lifecycle_optimization_-_publishing
6.0.6
ibm/engineering_lifecycle_optimization_-_publishing
6.0.6.1
ibm/engineering_lifecycle_optimization_-_publishing
7.0.1
ibm/engineering_lifecycle_optimization_publishing
7.0
ibm/engineering_lifecycle_optimization_publishing
7.0.2
Published
Jul 14, 2022
Tracked Since
Feb 18, 2026