Information Disclosure Vulnerability in IBM Emptoris Sourcing, Contract Management, and Spend Analysis

Information Disclosure Vulnerability in IBM Emptoris Sourcing, Contract Management, and Spend Analysis

CVE-2019-4308 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 could allow an authenticated user to obtain sensitive information from error messages IBM X-Force ID: 161034.

Learn more about our User Device Pen Test.