5

CVE-2010-2639

EPSS 0.29%
Published 06.12.2010 20:12:58
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages intended for other recipients via vectors involving access by the outbound messaging system to the RunTimeProfileCacheCmdImpl class, related to the caching of mutable objects and "concurrency issues."

Affected products Warnungen 0 Metrics 2 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Websphere Commerce Version7.0 Editionenterprise

Ibm ≫ Websphere Commerce Version7.0.0.1 Editionenterprise

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.29%	0.491

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www-01.ibm.com/support/docview.wss?uid=swg24028397

Vendor Advisory

http://www-1.ibm.com/support/docview.wss?uid=swg1JR38114

Vendor Advisory

http://www.securitytracker.com/id?1024845

https://exchange.xforce.ibmcloud.com/vulnerabilities/63406

https://nvd.nist.gov/vuln/detail/CVE-2010-2639

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-2639

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-2639

EUVD