Lucene search
K

8 matches found

CNVD
CNVD
added 2019/08/21 12:0 a.m.3 views

IBM Emptoris Spend Analysis Information Disclosure Vulnerability

IBM Emptoris Spend Analysis is a product within IBM's suite of procurement solutions for consolidating, cleansing and categorizing spend data from decentralized systems. An information disclosure vulnerability exists in IBM Emptoris Spend Analysis versions 10.1.0 through 10.1.3, which arises from...

4.3CVSS6.1AI score0.00994EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/20 7:30 p.m.18 views

CVE-2019-4482

IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...

5.4CVSS5.2AI score0.00673EPSS
Exploits0References2
OSV
OSV
added 2019/08/20 7:15 p.m.3 views

CVE-2019-4483

IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IB...

9.8CVSS7.2AI score0.01959EPSS
Exploits0References2
Prion
Prion
added 2019/08/20 7:15 p.m.13 views

Information disclosure

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 could allow an authenticated user to obtain sensitive information from error messages IBM X-Force ID: 161034...

4CVSS4AI score0.00994EPSS
Exploits0References2Affected Software3
Positive Technologies
Positive Technologies
added 2019/08/20 12:0 a.m.5 views

PT-2019-17105 · Ibm · Ibm Emptoris Spend Analysis +2

Name of the Vulnerable Software and Affected Versions: IBM Emptoris Sourcing versions 10.1.0 through 10.1.3 IBM Contract Management versions 10.1.0 through 10.1.3 IBM Emptoris Spend Analysis versions 10.1.0 through 10.1.3 Description: The issue generates an error message that includes sensitive...

4.3CVSS4.4AI score0.00994EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/08/20 12:0 a.m.6 views

PT-2019-17029 · Ibm · Ibm Emptoris Spend Analysis +2

Name of the Vulnerable Software and Affected Versions: IBM Emptoris Sourcing versions 10.1.0 through 10.1.3 IBM Contract Management versions 10.1.0 through 10.1.3 IBM Emptoris Spend Analysis versions 10.1.0 through 10.1.3 Description: The issue allows an authenticated user to obtain sensitive...

4.3CVSS4.2AI score0.00994EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/07/01 12:0 a.m.8 views

PT-2019-17051 · Ibm +2 · Ibm Spectrum Protect Plus +2

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Protect Plus versions 10.1.0 through 10.1.3 Description: The issue concerns an escalation of user privileges that may occur during a redirected restore operation when protecting Oracle or MongoDB databases. Recommendations: For...

7.9CVSS7.2AI score0.00401EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/07/01 12:0 a.m.7 views

PT-2019-17045 · Ibm +2 · Ibm Spectrum Protect Plus +3

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Protect Plus versions 10.1.0 through 10.1.3 Description: The issue allows execution of arbitrary code on the system when performing a redirected restore operation that specifies a target path, particularly when protecting Oracle,...

8.2CVSS7.7AI score0.00458EPSS
Exploits0References6
Rows per page
Query Builder