CVE-2015-5024

Name of the Vulnerable Software and Affected Versions IBM Emptoris Sourcing versions 10.0.2.0 through 10.0.2.0 before iFix6 IBM Emptoris Sourcing versions 10.0.2.2 through 10.0.2.2 before iFix11 IBM Emptoris Sourcing version 10.0.2.3 IBM Emptoris Sourcing versions 10.0.2.5 through 10.0.2.5 before iFix4 IBM Emptoris Sourcing versions 10.0.2.6 through 10.0.2.6 before iFix8 IBM Emptoris Sourcing versions 10.0.2.7 through 10.0.2.7 before iFix1 IBM Emptoris Sourcing versions 10.0.4.x through 10.0.4.x before iFix2

Description The issue allows remote authenticated users to obtain sensitive supplier-bid information via unspecified vectors.

Recommendations For version 10.0.2.0, apply iFix6 to resolve the issue. For version 10.0.2.2, apply iFix11 to resolve the issue. For version 10.0.2.3, there is no information about a newer version that contains a fix for this issue. For version 10.0.2.5, apply iFix4 to resolve the issue. For version 10.0.2.6, apply iFix8 to resolve the issue. For version 10.0.2.7, apply iFix1 to resolve the issue. For version 10.0.4.x, apply iFix2 to resolve the issue.