CVE-2015-7444
MEDIUMIBM WebSphere Commerce Enterprise <7.0.0.9 - Info Disclosure
Title source: llmDescription
The Update Installer in IBM WebSphere Commerce Enterprise 7.0.0.8 and 7.0.0.9 does not properly replicate the search index, which allows attackers to obtain sensitive information via unspecified vectors.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg24041614
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1JR54563
Scores
CVSS v3
5.3
EPSS
0.0086
EPSS Percentile
54.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (2)
ibm/websphere_commerce
7.0.0.8
ibm/websphere_commerce
7.0.0.9
Published
Feb 15, 2016
Tracked Since
Feb 18, 2026