CVE-2026-4051

EUVD-2026-31951
IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privileges to execute remote code due to exposed method that is not properly restricted.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
ibmengineering_lifecycle_management
7.0.3
ibmengineering_lifecycle_management
7.0.3:ifix002
ibmengineering_lifecycle_management
7.0.3:ifix003
ibmengineering_lifecycle_management
7.0.3:ifix004
ibmengineering_lifecycle_management
7.0.3:ifix005
ibmengineering_lifecycle_management
7.0.3:ifix006
ibmengineering_lifecycle_management
7.0.3:ifix007
ibmengineering_lifecycle_management
7.0.3:ifix008
ibmengineering_lifecycle_management
7.0.3:ifix009
ibmengineering_lifecycle_management
7.0.3:ifix010
ibmengineering_lifecycle_management
7.0.3:ifix011
ibmengineering_lifecycle_management
7.0.3:ifix012
ibmengineering_lifecycle_management
7.0.3:ifix013
ibmengineering_lifecycle_management
7.0.3:ifix014
ibmengineering_lifecycle_management
7.0.3:ifix015
ibmengineering_lifecycle_management
7.0.3:ifix016
ibmengineering_lifecycle_management
7.0.3:ifix017
ibmengineering_lifecycle_management
7.0.3:ifix018
ibmengineering_lifecycle_management
7.0.3:ifix019
ibmengineering_lifecycle_management
7.0.3:ifix020
ibmengineering_lifecycle_management
7.0.3:ifix021
ibmengineering_lifecycle_management
7.1.0
ibmengineering_lifecycle_management
7.1.0:ifix001
ibmengineering_lifecycle_management
7.1.0:ifix002
ibmengineering_lifecycle_management
7.1.0:ifix003
ibmengineering_lifecycle_management
7.1.0:ifix004
ibmengineering_lifecycle_management
7.1.0:ifix005
ibmengineering_lifecycle_management
7.1.0:ifix006
ibmengineering_lifecycle_management
7.1.0:ifix007
ibmengineering_lifecycle_management
7.1.0:ifix008
ibmengineering_lifecycle_management
7.1.0:ifix009
ibmengineering_lifecycle_management
7.2.0
ibmengineering_lifecycle_management
7.2.0:ifix001
𝑥
= Vulnerable software versions