Lucene search
K
IbmEmptoris Sourcing Portfolio

4 matches found

CVE
CVE
added 2014/08/26 10:0 a.m.53 views

CVE-2014-4790

The CVE-2014-4790 entry affects IBM Emptoris Sourcing Portfolio and Emptoris Spend Analysis. Affected.product components: Emptoris Sourcing Portfolio versions 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4; Emptoris Spend Analysis versions 9...

4.9CVSS8.6AI score0.00803EPSS
CVE
CVE
added 2015/01/10 2:0 a.m.45 views

CVE-2014-6212

The CVE-2014-6212 issue is an XML External Entity (XXE) vulnerability in IBM Emptoris family products (Contract Management, Sourcing, Program Management/SSMP). The Echo API across multiple versions (Contract Management 9.5.x up to 9.5.0.6 iFix11; 10.0.0.x up to 10.0.0.1 iFix12; 10.0.1.x up to 10....

4CVSS6.3AI score0.01419EPSS
CVE
CVE
added 2014/08/26 10:0 a.m.43 views

CVE-2014-3040

CVE-2014-3040 is a CSRF vulnerability in IBM Emptoris family (Contract Management, Sourcing Portfolio, Spend Analysis). The flaw affects multiple versions across 9.5.x and 10.x, where remote authenticated users can hijack a user’s session by crafting requests that insert XSS sequences. Affected c...

6CVSS9AI score0.00851EPSS
CVE
CVE
added 2014/08/26 10:0 a.m.41 views

CVE-2014-3033

IBM Emptoris Sourcing Portfolio is affected by a Cross-site Scripting (XSS) vulnerability in multiple versions: 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4. The issue permits remote authenticated users to inject arbitrary web script or HT...

3.5CVSS6.8AI score0.00936EPSS