CVE-2019-4484
4.3
CVSS:3.0/I:N/PR:L/UI:N/AV:N/S:U/AC:L/A:N/C:L/E:U/RL:O/RC:C
Summary
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 generates an error message that includes sensitive information that could be used in further attacks against the system. IBM X-Force ID: 164068.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Contract Management | 10.1.0 | affected |
| IBM | Contract Management | 10.1.3 | affected |
| IBM | Emptoris Spend Analysis | 10.1.0 | affected |
| IBM | Emptoris Spend Analysis | 10.1.3 | affected |
| IBM | Emptoris Sourcing | 10.1.0 | affected |
| IBM | Emptoris Sourcing | 10.1.3 | affected |
Weaknesses
- Obtain Information
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/docview.wss?uid=ibm10880221
- https://exchange.xforce.ibmcloud.com/vulnerabilities/164068
References
- https://www.ibm.com/support/docview.wss?uid=ibm10880221
- https://exchange.xforce.ibmcloud.com/vulnerabilities/164068
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.