CVE-2015-5024

EUVD-2015-5041
IBM Emptoris Sourcing 10.0.2.0 before iFix6, 10.0.2.2 before iFix11, 10.0.2.3, 10.0.2.5 before iFix4, 10.0.2.6 before iFix8, 10.0.2.7 before iFix1, and 10.0.4.x before iFix2 allows remote authenticated users to obtain sensitive supplier-bid information via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
ibmemptoris_sourcing
10.0.2.0
ibmemptoris_sourcing
10.0.2.2
ibmemptoris_sourcing
10.0.2.3
ibmemptoris_sourcing
10.0.2.5
ibmemptoris_sourcing
10.0.2.6
ibmemptoris_sourcing
10.0.2.7
ibmemptoris_sourcing
10.0.4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21967255
http://www-01.ibm.com/support/docview.wss?uid=swg21967255