CVE-2019-4308
published 2019-08-20CVE-2019-4308: IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 could allow…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 could allow an authenticated user to obtain sensitive information from error messages IBM X-Force ID: 161034.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | contract_management | — | — |
| ibm | contract_management | — | — |
| ibm | emptoris_contract_management | 10.1.0 – 10.1.3 | — |
| ibm | emptoris_sourcing | — | — |
| ibm | emptoris_sourcing | — | — |
| ibm | emptoris_sourcing | 10.1.0 – 10.1.3 | — |
| ibm | emptoris_spend_analysis | — | — |
| ibm | emptoris_spend_analysis | — | — |
| ibm | emptoris_spend_analysis | 10.1.0 – 10.1.3 | — |
| twisted | twisted | >= 0 < 13.2.0-1ubuntu1.2+esm1 | 13.2.0-1ubuntu1.2+esm1 |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
osv6.1MEDIUM