CVE-2013-2994 in WebSphere Commerceinformation

Résumé (Anglaise)

IBM WebSphere Commerce 7.0 Feature Pack 4 and Feature Pack 5 incorrectly maintains a valid session after unspecified interaction with REST services, which allows remote attackers to issue REST requests in the context of an arbitrary user s active session via unknown vectors.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Réserver

12/04/2013

Divulgation

01/08/2013

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
9791	IBM WebSphere Commerce REST Session élévation de privilèges	20	Non prouvée	Correctif officiel	CVE-2013-2994

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PrécédentAperçuSuivant ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!