CVE-2017-1442

IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 128107...

Improper access control

IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to view sensitive information stored locally due to improper access control. IBM X-Force ID: 128106...

CVE-2017-1441

IBM Emptoris Services Procurement 10.x contains a local information-disclosure vulnerability (CVE-2017-1441) due to improper access control. A local attacker could view sensitive information stored on the system. The IBM security bulletin lists affected versions (10.0.0.5) and provides remediatio...

CVE-2017-1442

CVE-2017-1442 affects IBM Emptoris Services Procurement 10.x, specifically 10.0.0.5, where a cross-site request forgery vulnerability could allow an attacker to perform malicious, unauthorized actions on behalf of a trusted user. The IBM Security Bulletin confirms this CSRF issue and lists the fi...