Design/Logic Flaw

2018-08-2714:29:00

PRIOn knowledge base

www.prio-n.com

4.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

19.1%

JSON

IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14, and 7.0.0.0 Feature Pack 8 could allow an authenticated user to obtain sensitive information about another user.

CPENameOperatorVersion
websphere_commerceeq7.0 featurepack8
websphere_commercege8.0.4.0
websphere_commercele8.0.4.14
websphere_commercege8.0.4.0
websphere_commercele8.0.4.14
websphere_commercege8.0.4.0
websphere_commercele8.0.4.14
websphere_commercege8.0.3.0
websphere_commercele8.0.3.6
websphere_commercege8.0.3.0

Name	Operator	Version
websphere_commerce	eq	7.0 featurepack8
websphere_commerce	ge	8.0.4.0
websphere_commerce	le	8.0.4.14
websphere_commerce	ge	8.0.4.0
websphere_commerce	le	8.0.4.14
websphere_commerce	ge	8.0.4.0
websphere_commerce	le	8.0.4.14
websphere_commerce	ge	8.0.3.0
websphere_commerce	le	8.0.3.6
websphere_commerce	ge	8.0.3.0