Information disclosure

2021-01-0718:15:00

PRIOn knowledge base

www.prio-n.com

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.8%

JSON

IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190988.

CPENameOperatorVersion
emptoris_contract_managementge10.1.3.0
emptoris_contract_managementlt10.1.3.30
emptoris_contract_managementge10.1.0.0
emptoris_contract_managementlt10.1.0.38
emptoris_contract_managementge10.1.1.0
emptoris_contract_managementlt10.1.1.35
emptoris_spend_analysisge10.1.3.0
emptoris_spend_analysislt10.1.3.30
emptoris_spend_analysisge10.1.1.0
emptoris_spend_analysislt10.1.1.35

Name	Operator	Version
emptoris_contract_management	ge	10.1.3.0
emptoris_contract_management	lt	10.1.3.30
emptoris_contract_management	ge	10.1.0.0
emptoris_contract_management	lt	10.1.0.38
emptoris_contract_management	ge	10.1.1.0
emptoris_contract_management	lt	10.1.1.35
emptoris_spend_analysis	ge	10.1.3.0
emptoris_spend_analysis	lt	10.1.3.30
emptoris_spend_analysis	ge	10.1.1.0
emptoris_spend_analysis	lt	10.1.1.35