CVE-2013-2992 — Improper Input Validation in IBM Websphere Commerce
Severity
4.3MEDIUMNVD
EPSS
1.1%
top 22.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 9
Latest updateMay 17
Description
The Search component in IBM WebSphere Commerce 7.0 FP4 through FP6, in certain search-term association configurations, allows remote attackers to cause a denial of service via a crafted query.
CVSS vector
AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9