IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14, and 7.0.0.0 Feature Pack 8 could allow an authenticated user to obtain sensitive information about another user.
2018-08-27T14:29:00.867
2024-11-21T04:00:07.850
Modified
CVSSv3.0: 3.1 (LOW)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | websphere_commerce | ≤ 8.0.0.19 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.0.19 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.0.19 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.0.19 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.1.13 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.1.13 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.1.13 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.1.13 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.3.6 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.3.6 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.3.6 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.3.6 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.4.14 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.4.14 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.4.14 | Yes |
| Application | ibm | websphere_commerce | ≤ 8.0.4.14 | Yes |
| Application | ibm | websphere_commerce | ≤ 9.0.0.4 | Yes |
| Application | ibm | websphere_commerce | ≤ 9.0.0.4 | Yes |
| Application | ibm | websphere_commerce | ≤ 9.0.0.4 | Yes |
| Application | ibm | websphere_commerce | ≤ 9.0.0.4 | Yes |
| Application | ibm | websphere_commerce | 7.0 | Yes |