Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-35619)

Summary An Oracle database server vulnerability affects IBM Emptoris Strategic Supply Management Platform. The issue has been addressed. Vulnerability Details CVEID: CVE-2021-35619 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-2438)

Summary An Oracle Database Server security vulnerability has been addressed in IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-2438 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an...

Security Bulletin: Multiple IBM DB2 Server Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform

Summary Multiple IBM DB2 Server vulnerabilities affect IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2020-5025 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflo...

IBM Emptoris Strategic Supply Management 信息泄露漏洞

The IBM Emptoris Strategic Supply Management Platform is the public portal to the Emptoris suite of products. An information disclosure vulnerability exists in IBM Emptoris Strategic Supply Management Platform 10.1.0, 10.1.1, and 10.1.3. The vulnerability stems from the product transmitting...

IBM Emptoris Strategic Supply Management Cross-Site Scripting Vulnerability (CNVD-2017-25667)

The IBM Emptoris Strategic Supply Management Platform is a common Web-based portal for accessing the Emptoris suite of products from IBM. A cross-site request forgery vulnerability exists in IBM Emptoris Strategic Supply Management Platform versions 10.0.0.x through 10.1.1.x. The vulnerability ca...

CVE-2017-1097

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 120657...

IBM Emptoris Strategic Supply Management Information Disclosure Vulnerability

The IBM Emptoris Strategic Supply Management Platform is a common Web-based portal for accessing the Emptoris suite of products from IBM. An information disclosure vulnerability exists in IBM Emptoris Strategic Supply Management Platform versions 10.0 and 10.1, which is caused by the program...

IBM Emptoris Strategic Supply Management Arbitrary Code Execution Vulnerability

The IBM Emptoris Strategic Supply Management Platform is a common Web-based portal for accessing the Emptoris suite of products from IBM. An arbitrary code execution vulnerability exists in IBM Emptoris Strategic Supply Management Platform versions 10.x and 10.1. A local attacker could exploit th...

CVE-2017-1190

IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 could allow a local user with special access roles to execute arbitrary code on the system. By manipulating a configurable property, an attacker could exploit this vulnerability to gain full control over the system. IBM X-Force ID:...

CVE-2016-6029

IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the...

CVE-2016-6021

IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2016-8951

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to a denial of service attack. An attacker can exploit a vulnerability in the authentication features that could log out users and flood user accounts with emails. IBM X-Force ID: 118838...

CVE-2016-8952

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

IBM Emptoris Strategic Supply Management Platform and Emptoris Program Management Cross-Site Scripting Vulnerability

IBM Emptoris Strategic Supply Management Platform is a strategic supply management solution from IBM that helps organizations maximize cost savings, improve supplier performance and reduce risk. A cross-site scripting vulnerability exists in IBM Emptoris Strategic Supply Management Platform and...