CVE-2015-0200Sensitive Information Exposure in IBM Websphere Commerce

CWE-200Sensitive Information Exposure5 documents5 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 82.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Commerce
Timeline
PublishedMay 29
Latest updateMay 13

Description

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x before 7.0.0.8 IF2 allows local users to obtain sensitive database information via unspecified vectors.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDibm/websphere_commerce21 versions+20

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-vwhc-q963-q7w6: IBM WebSphere Commerce 62022-05-13
CVEList
CVE-2015-0200: IBM WebSphere Commerce 62015-05-29

💥Exploits & PoCs

1
Exploit-DB
Systemd 228 (SUSE 12 SP2 / Ubuntu Touch 15.04) - Local Privilege Escalation2017-01-24

💬Community

1
Bugzilla
CVE-2015-2704 realmd: untrusted data is used when configuring sssd.conf and/or smb.conf2015-03-25