Описание
IBM WebSphere Commerce 6.0 Feature Pack 2 through Feature Pack 5, 7.0.0.0 through 7.0.0.8, and 7.0 Feature Pack 1 through Feature Pack 7 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a malformed id parameter in a request.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:websphere_commerce:6.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_commerce:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_commerce:7.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_commerce:7.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_commerce:7.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_commerce:7.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_commerce:7.0.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_commerce:7.0.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_commerce:7.0.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_commerce:7.0.0.8:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01163
Низкий
7.1 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
IBM WebSphere Commerce 6.0 Feature Pack 2 through Feature Pack 5, 7.0.0.0 through 7.0.0.8, and 7.0 Feature Pack 1 through Feature Pack 7 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a malformed id parameter in a request.
EPSS
Процентиль: 78%
0.01163
Низкий
7.1 High
CVSS2
Дефекты
CWE-20