Ibm: >> Websphere Commerce >> 7.0.0.1 Security Vulnerabilities
Unspecified vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 through 7.0.0.6 allows remote attackers to obtain users' personal data via unknown vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2012-10-01
IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions and personalization IDs are enabled, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors.
CVSS Score
2.6
EPSS Score
0.006
Published
2012-09-25
IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.3 does not properly implement Activity Token authentication for Web Services, which has unspecified impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.012
Published
2011-09-20
IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages intended for other recipients via vectors involving access by the outbound messaging system to the RunTimeProfileCacheCmdImpl class, related to the caching of mutable objects and "concurrency issues."
CVSS Score
5.0
EPSS Score
0.003
Published
2010-12-06
Page 3