5

CVE-2010-2639

EPSS 0.29%
Veröffentlicht 06.12.2010 20:12:58
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages intended for other recipients via vectors involving access by the outbound messaging system to the RunTimeProfileCacheCmdImpl class, related to the caching of mutable objects and "concurrency issues."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Websphere Commerce Version7.0 Editionenterprise

Ibm ≫ Websphere Commerce Version7.0.0.1 Editionenterprise

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.29%	0.491

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www-01.ibm.com/support/docview.wss?uid=swg24028397

Vendor Advisory

http://www-1.ibm.com/support/docview.wss?uid=swg1JR38114

Vendor Advisory

http://www.securitytracker.com/id?1024845

https://exchange.xforce.ibmcloud.com/vulnerabilities/63406

https://nvd.nist.gov/vuln/detail/CVE-2010-2639

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-2639

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-2639

EUVD