PT-2010-1271 · Ibm · Ibm Websphere Commerce

Published

2010-02-05

Updated

2017-08-17

CVE-2009-2752

CVSS v2.0

1.5

Low

Vector

AV:L/AC:M/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM WebSphere Commerce version 7.0

Description The issue concerns the improper encryption of data in a database, making it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.

Recommendations For IBM WebSphere Commerce version 7.0, ensure that proper encryption mechanisms are implemented to protect data in the database. Consider reconfiguring the database settings to enforce robust encryption.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2009-2752

Affected Products

Ibm Websphere Commerce

PT-2010-1271 · Ibm · Ibm Websphere Commerce

CVE-2009-2752

Weakness Enumeration

Related Identifiers

Affected Products

References · 5