CVE-2016-0225

MEDIUM

IBM WebSphere Commerce <7.0.0.9 - Info Disclosure

Title source: llm

Description

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 allows remote authenticated Commerce Accelerator administrators to obtain sensitive information via unspecified vectors.

References (2)

Scores

CVSS v3 4.9
EPSS 0.0015
EPSS Percentile 36.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-284 CWE-200
Status draft

Affected Products (22)

ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
ibm/websphere_commerce
... and 7 more

Timeline

Published Feb 29, 2016
Tracked Since Feb 18, 2026