CVE-2013-2993 in IBM WebSphere Commerceinfo

Summary

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.7 does not properly perform authentication for unspecified web services, which allows remote attackers to issue requests in the context of an arbitrary user s active session via unknown vectors.

Reservation

04/12/2013

Disclosure

08/01/2013

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
9792	IBM WebSphere Commerce Request Validation improper authentication	287	Unproven	Official fix	CVE-2013-2993

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!