Vulnerabilities > IBM > Emptoris Strategic Supply Management > High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-07	CVE-2020-4898	Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. network low complexity ibm CWE-327	7.5
2017-09-05	CVE-2017-1097	Cross-Site Request Forgery (CSRF) vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. network low complexity ibm CWE-352	8.8
2017-07-13	CVE-2016-8951	Improper Authentication vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to a denial of service attack. network low complexity ibm CWE-287	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.