exploitDog

GHSA-95rc-cm6x-rc44

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14, and 7.0.0.0 Feature Pack 8 could allow an authenticated user to obtain sensitive information about another user.

IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14, and 7.0.0.0 Feature Pack 8 could allow an authenticated user to obtain sensitive information about another user.

Ссылки

EPSS

Процентиль: 37%

0.00156

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2018-1644

CVSS3: 3.1

nvd

больше 7 лет назад

IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14, and 7.0.0.0 Feature Pack 8 could allow an authenticated user to obtain sensitive information about another user.

EPSS

Процентиль: 37%

0.00156

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-200