PT-2017-8807 · Ibm · Ibm Websphere Commerce

Published

2017-03-08

Updated

2019-09-30

CVE-2016-5894

CVSS v3.1

5.1

Medium

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM WebSphere Commerce versions 7.0 through 8.0

Description The issue allows a local user to view a plain text password in a Unix console, potentially leading to information disclosure.

Recommendations For versions 7.0 through 8.0, update the system to prevent local users from accessing the Unix console where the plain text password is visible.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2016-5894

Affected Products

Ibm Websphere Commerce

PT-2017-8807 · Ibm · Ibm Websphere Commerce

CVE-2016-5894

Weakness Enumeration

Related Identifiers

Affected Products

References · 5