Ibm Emptoris Strategic Supply Management — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Emptoris Strategic Supply Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2017-1097 — CVSS 8.8 (high): IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site request forgery which could allow…
CVE-2020-4898 — CVSS 7.5 (high): IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt…
CVE-2016-8951 — CVSS 7.5 (high): IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to a denial of service attack. An attacker can…
CVE-2017-1190 — CVSS 6.4 (medium): IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 could allow a local user with special access roles to execute arbitrary…
CVE-2016-6029 — CVSS 5.9 (medium): IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 could allow a remote attacker to obtain sensitive information, caused by…
CVE-2020-4893 — CVSS 5.9 (medium): IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 transmits sensitive information in HTTP GET request parameters. This…
CVE-2016-8949 — CVSS 5.4 (medium): IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open…
CVE-2016-8952 — CVSS 5.4 (medium): IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability…
CVE-2016-6019 — CVSS 5.4 (medium): IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability…
CVE-2017-1448 — CVSS 5.4 (medium): IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open…
CVE-2020-4895 — CVSS 5.4 (medium): IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows…
CVE-2016-6021 — CVSS 5.4 (medium): IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to…
CVE-2016-6118 — CVSS 5.4 (medium): IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2016-6121 — CVSS 5.4 (medium): IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x is vulnerable to cross-site scripting. This vulnerability allows users to…
CVE-2015-4939 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM Emptoris Supplier Lifecycle Management and Emptoris Program Management 10.x before…