CVE-2011-3577

Sažetak

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.3 does not properly implement Activity Token authentication for Web Services, which has unspecified impact and attack vectors.

Reference

http://secunia.com/advisories/45999
http://www.ibm.com/support/docview.wss?uid=swg1JR40420
http://www.ibm.com/support/docview.wss?uid=swg24030908
http://www.osvdb.org/75428
http://www.securityfocus.com/bid/49643
https://exchange.xforce.ibmcloud.com/vulnerabilities/69838

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

30-09-2019 - 16:19

Objavljeno

20-09-2011 - 10:55