Skip to main content

Emptoris Sourcing Portfolio

4 CVEs product

Monthly

CVE-2014-6212 MEDIUM PATCH This Month

The Echo API in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix11, 10.0.0.x before 10.0.0.1 iFix12, 10.0.1.x before 10.0.1.5 iFix2, and 10.0.2.x before 10.0.2.2 iFix5; Emptoris Sourcing. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

IBM XXE Emptoris Sourcing Portfolio Emptoris Program Management Emptoris Contract Management +1
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2014-4790 MEDIUM PATCH This Month

IBM Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 and Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

IBM Privilege Escalation Emptoris Spend Analysis Emptoris Sourcing Portfolio
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2014-3040 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix 10, 10.0.0.x before 10.0.0.1 iFix 10, 10.0.1.x before 10.0.1.4, and 10.0.2.x before. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS CSRF Emptoris Spend Analysis Emptoris Sourcing Portfolio +1
NVD
CVSS 2.0
6.0
EPSS
0.2%
CVE-2014-3033 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Emptoris Sourcing Portfolio
NVD
CVSS 2.0
3.5
EPSS
0.2%
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

The Echo API in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix11, 10.0.0.x before 10.0.0.1 iFix12, 10.0.1.x before 10.0.1.5 iFix2, and 10.0.2.x before 10.0.2.2 iFix5; Emptoris Sourcing. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

IBM XXE Emptoris Sourcing Portfolio +3
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

IBM Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 and Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

IBM Privilege Escalation Emptoris Spend Analysis +1
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix 10, 10.0.0.x before 10.0.0.1 iFix 10, 10.0.1.x before 10.0.1.4, and 10.0.2.x before. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS CSRF +3
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Emptoris Sourcing Portfolio
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy