CVE-2015-5024

IBM Emptoris Sourcing 10.0.2.0 before iFix6, 10.0.2.2 before iFix11, 10.0.2.3, 10.0.2.5 before iFix4, 10.0.2.6 before iFix8, 10.0.2.7 before iFix1, and 10.0.4.x before iFix2 allows remote authenticated users to obtain sensitive supplier-bid information via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
ibmemptoris_sourcing
10.0.2.0
ibmemptoris_sourcing
10.0.2.2
ibmemptoris_sourcing
10.0.2.3
ibmemptoris_sourcing
10.0.2.5
ibmemptoris_sourcing
10.0.2.6
ibmemptoris_sourcing
10.0.2.7
ibmemptoris_sourcing
10.0.4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21967255
http://www-01.ibm.com/support/docview.wss?uid=swg21967255