PT-2016-4098 · Ibm · Ibm Websphere Commerce
Publicado
2016-02-29
·
Atualizado
2019-09-30
·
CVE-2016-0225
CVSS v3.1
4.9
Média
| Vetor | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM WebSphere Commerce versions 6.x through 6.0.0.11
IBM WebSphere Commerce versions 7.x through 7.0.0.9
Description
The issue allows remote authenticated Commerce Accelerator administrators to obtain sensitive information via unspecified vectors.
Recommendations
For versions 6.x through 6.0.0.11, update to a version later than 6.0.0.11.
For versions 7.x through 7.0.0.9, update to a version later than 7.0.0.9.
Correção
Improper Access Control
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Ibm Websphere Commerce