CVE-2014-3041

CWE-89SQL Injection3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.3%
top 45.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Emptoris Contract Management
Timeline
PublishedAug 26
Latest updateMay 17

Description

SQL injection vulnerability in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix 10, 10.0.0.x before 10.0.0.1 iFix 10, 10.0.1.x before 10.0.1.4, and 10.0.2.x before 10.0.2.2 iFix 2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-vm69-p3gj-6336: SQL injection vulnerability in IBM Emptoris Contract Management 92022-05-17
CVEList
CVE-2014-3041: SQL injection vulnerability in IBM Emptoris Contract Management 92014-08-26