Emptoris Contract Management@10.0.2.5 Security Vulnerabilities and Issues — Emptoris Contract Management@10.0.2.5 CVE List

Lucene search

IbmEmptoris Contract Management10.0.2.5

4 matches found

CVE•added 2016/02/15 2:59 a.m.•35 views

CVE-2015-5050

Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote authenticated users to hijack the authentication of arbitr...

8.8CVSS8.6AI score0.00105EPSS

CVE•added 2016/02/15 2:59 a.m.•34 views

CVE-2015-5042

IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file.

7.5CVSS8.2AI score0.00622EPSS

CVE•added 2016/02/15 2:59 a.m.•34 views

CVE-2015-7398

Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a ...

5.4CVSS5.5AI score0.00168EPSS

CVE•added 2017/07/19 8:29 p.m.•33 views

CVE-2016-6018

IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. IBM X-Force ID: 116738.

4.3CVSS5.4AI score0.00212EPSS