IBM Security Bulletin: Vulnerability in IBM WebSphere Application Server Affects IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement (CVE-2015-0899)

Jul 31, 2018 9:01 am EDT

Categorized: Medium Severity

Share this post:

The IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement products are affected by a vulnerability that exists in the IBM WebSphere Application Server. The security bulletin includes issues disclosed as part of the IBM WebSphere Application Server updates.

CVE(s): CVE-2015-0899

Affected product(s) and affected version(s):

IBM Emptoris Sourcing 10.0.0 through 10.1.1.21
IBM Emptoris Contract Management 10.0.0 through 10.1.1.21
IBM Emptoris Spend Analysis 10.0.0 through 10.1.1.21
IBM Emptoris Program Management 10.0.0 through 10.1.1.21
IBM Emptoris Services Procurement 10.0.0 through 10.1.1.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10719203
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/101770

from IBM Product Security Incident Response Team https://ift.tt/2ACqd3t