← Back

CVE-2019-4485

nvd nist
Published: Aug 20, 2019Modified: Nov 21, 2024

JSON object

Loading...
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.8 / Impact: 1.4
Source: NVD

Description

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 generates an error message that includes sensitive information that could be used in further attacks against the system. IBM X-Force ID: 164069.

Affected (3)

Ibm
3 products
Emptoris Contract Management
Emptoris Sourcing
Emptoris Spend Analysis
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Emptoris Contract Management
From 10.1.0 to 10.1.3
Emptoris Sourcing
From 10.1.0 to 10.1.3
Emptoris Spend Analysis
From 10.1.0 to 10.1.3

Related CWEs

CWE-209
Generation of Error Message Containing Sensitive Information
The product generates an error message that includes sensitive information about its environment, users, or associated data.

References (4)

Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.