Vulnerability Details CVE-2013-2992
The Search component in IBM WebSphere Commerce 7.0 FP4 through FP6, in certain search-term association configurations, allows remote attackers to cause a denial of service via a crafted query.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR46013
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR47273
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR47295
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR47313
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR47420
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR47425
- http://www-01.ibm.com/support/docview.wss?uid=swg21648644
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84018
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR46013
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR47273
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR47295
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR47313
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR47420
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR47425
- http://www-01.ibm.com/support/docview.wss?uid=swg21648644
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84018
Products affected by CVE-2013-2992
-
cpe:2.3:a:ibm:websphere_commerce:7.0.0.4
-
cpe:2.3:a:ibm:websphere_commerce:7.0.0.5
-
cpe:2.3:a:ibm:websphere_commerce:7.0.0.6