Lucene search
K
IbmEmptoris Services Procurement

4 matches found

CVE
CVE
added 2017/08/30 9:0 p.m.77 views

CVE-2017-1441

IBM Emptoris Services Procurement 10.x contains a local information-disclosure vulnerability (CVE-2017-1441) due to improper access control. A local attacker could view sensitive information stored on the system. The IBM security bulletin lists affected versions (10.0.0.5) and provides remediatio...

5.5CVSS5.6AI score0.00329EPSS
CVE
CVE
added 2017/08/30 9:0 p.m.50 views

CVE-2017-1440

CVE-2017-1440 affects IBM Emptoris Services Procurement 10.x. The vulnerability allows a remote attacker to include arbitrary files by sending a specially crafted URL, enabling remote code execution on the vulnerable web server. The IBM security bulletin lists multiple CVEs for the product, with ...

8.8CVSS8.7AI score0.02955EPSS
CVE
CVE
added 2017/08/30 9:0 p.m.49 views

CVE-2017-1442

CVE-2017-1442 affects IBM Emptoris Services Procurement 10.x, specifically 10.0.0.5, where a cross-site request forgery vulnerability could allow an attacker to perform malicious, unauthorized actions on behalf of a trusted user. The IBM Security Bulletin confirms this CSRF issue and lists the fi...

8.8CVSS8.4AI score0.00668EPSS
CVE
CVE
added 2017/08/30 9:0 p.m.45 views

CVE-2017-1443

IBM Emptoris Services Procurement 10.x is affected by CVE-2017-1443, a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript and potentially disclose credentials within a trusted session. The IBM security bulletin lists 10.0.0.5 as affected an...

6.1CVSS6AI score0.00977EPSS