PT-2015-6755 · Ibm · Ibm Emptoris Sourcing
Published
2015-10-05
·
Updated
2015-10-07
·
CVE-2015-5024
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Emptoris Sourcing versions 10.0.2.0 through 10.0.2.0 before iFix6
IBM Emptoris Sourcing versions 10.0.2.2 through 10.0.2.2 before iFix11
IBM Emptoris Sourcing version 10.0.2.3
IBM Emptoris Sourcing versions 10.0.2.5 through 10.0.2.5 before iFix4
IBM Emptoris Sourcing versions 10.0.2.6 through 10.0.2.6 before iFix8
IBM Emptoris Sourcing versions 10.0.2.7 through 10.0.2.7 before iFix1
IBM Emptoris Sourcing versions 10.0.4.x through 10.0.4.x before iFix2
Description
The issue allows remote authenticated users to obtain sensitive supplier-bid information via unspecified vectors.
Recommendations
For version 10.0.2.0, apply iFix6 to resolve the issue.
For version 10.0.2.2, apply iFix11 to resolve the issue.
For version 10.0.2.3, there is no information about a newer version that contains a fix for this issue.
For version 10.0.2.5, apply iFix4 to resolve the issue.
For version 10.0.2.6, apply iFix8 to resolve the issue.
For version 10.0.2.7, apply iFix1 to resolve the issue.
For version 10.0.4.x, apply iFix2 to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Emptoris Sourcing