Design/Logic Flaw

2010-02-0522:30:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.1%

JSON

IBM WebSphere Commerce 7.0 uses the same cryptographic key for session attributes and merchant data encryption, which has unspecified impact and remote attack vectors.

CPENameOperatorVersion
websphere_commerceeq7.0

CPE	Name	Operator	Version
	websphere_commerce	eq	7.0

References

www-01.ibm.com/support/docview.wss?uid=swg21418443

www-1.ibm.com/support/docview.wss?uid=swg1JR35136

exchange.xforce.ibmcloud.com/vulnerabilities/56089