CVE-2016-6018

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Emptoris Contract Management
Vendor: CVE Published:; 19 July 2017

Summary

IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. IBM X-Force ID: 116738.

Affected Version(s)

Emptoris Contract Management 10.0.0.0

Emptoris Contract Management 10.0.1.0

Emptoris Contract Management 10.0.2.0

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/116738

x_refsource_MISC

http://www.ibm.com/support/docview.wss?uid=swg22005664

x_refsource_CONFIRM

http://www.securityfocus.com/bid/99624

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2017
Vulnerability Reserved
Jun 29, 2016