Denial of Service Vulnerability in IBM Emptoris Strategic Supply Management Platform
CVE-2016-8951

7.5HIGH

Key Information:

Vendor: IBM
Status: Emptoris Strategic Supply Management
Vendor: CVE Published:; 13 July 2017

🔔 Create IBM Vulnerability Alert

What is CVE-2016-8951?

The IBM Emptoris Strategic Supply Management Platform is susceptible to a denial of service attack due to flaws in its authentication process. This vulnerability allows attackers to log out users and overwhelm user accounts with excessive email notifications, disrupting normal operations. The impact is significant as it can impair user access and lead to potential data exposure.

Affected Version(s)

Emptoris Strategic Supply Management 10.0.0.0

Emptoris Strategic Supply Management 10.0.1.0

Emptoris Strategic Supply Management 10.0.2.0

References

http://www.securityfocus.com/bid/99589

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/118838

x_refsource_MISC

http://www.ibm.com/support/docview.wss?uid=swg22005839

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 13, 2017
Vulnerability Reserved
Oct 25, 2016

.

CVE-2016-8951 : Denial of Service Vulnerability in IBM Emptoris Strategic Supply Management Platform