Skip to main content

Emptoris Services Procurement

4 CVEs product

Monthly

CVE-2017-1443 MEDIUM PATCH This Month

IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Emptoris Services Procurement
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-1442 HIGH PATCH This Week

IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Emptoris Services Procurement
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-1441 MEDIUM PATCH This Month

IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to view sensitive information stored locally due to improper access control. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Emptoris Services Procurement
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-1440 HIGH PATCH This Week

IBM Emptoris Services Procurement 10.0.0.5 could allow a remote attacker to include arbitrary files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection IBM Emptoris Services Procurement
NVD
CVSS 3.0
8.8
EPSS
3.3%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Emptoris Services Procurement
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Emptoris Services Procurement
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to view sensitive information stored locally due to improper access control. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Emptoris Services Procurement
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

IBM Emptoris Services Procurement 10.0.0.5 could allow a remote attacker to include arbitrary files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection IBM +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy