CVE-2019-4483

IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 164067.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:emptoris_spend_analysis:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:emptoris_contract_management:*:*:*:*:*:*:*:*

Information

Published : 2019-08-20 12:15

Updated : 2022-12-02 14:32


NVD link : CVE-2019-4483

Mitre link : CVE-2019-4483


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

ibm

  • emptoris_spend_analysis
  • emptoris_contract_management