CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 0CVE-2012-4855
https://notcve.org/view.php?id=CVE-2012-4855
Unspecified vulnerability in the web services framework in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 through 7.0.0.6 allows remote attackers to cause a denial of service (login outage) via unknown vectors. Vulnerabilidad no especificada en el framework de servicios web de IBM WebSphere Commerce v6.0 a la v6.0.0.11 y v7.0 a la v7.0.0.6 permite a atacantes remotos causar una denegación de servicio (parada de login) a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR44528 http://www-01.ibm.com/support/docview.wss?uid=swg1JR45471 http://www.ibm.com/support/docview.wss?uid=swg21618720 https://exchange.xforce.ibmcloud.com/vulnerabilities/79735 •
CVSS: 5.0EPSS: 0%CPEs: 34EXPL: 0CVE-2012-4830
https://notcve.org/view.php?id=CVE-2012-4830
Unspecified vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 through 7.0.0.6 allows remote attackers to obtain users' personal data via unknown vectors. Vulnerabilidad no especificada en IBM WebSphere Commerce v6.0 hasta v6.0.0.11 y 7.0 hasta v7.0.0.6, permite a atacantes remotos obtener datos personales de los usuarios a través de vectores desconocidos • http://osvdb.org/85868 http://www-01.ibm.com/support/docview.wss?uid=swg1SE53160 http://www-01.ibm.com/support/docview.wss?uid=swg21612484 https://exchange.xforce.ibmcloud.com/vulnerabilities/78867 •
CVSS: 2.6EPSS: 0%CPEs: 6EXPL: 0CVE-2012-3300
https://notcve.org/view.php?id=CVE-2012-3300
IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions and personalization IDs are enabled, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors. IBM WebSphere Commerce v7.0 antes de v7.0.0.6, cuando se habilitan las sesiones persistentes y los identificadores de personalización, permite a atacantes remotos provocar una denegación de servicio (consumo de recursos) a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR42771 http://www.ibm.com/support/docview.wss?uid=swg21610909 https://exchange.xforce.ibmcloud.com/vulnerabilities/77382 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2012-3298
https://notcve.org/view.php?id=CVE-2012-3298
Unspecified vulnerability in the REST services framework in IBM WebSphere Commerce 7.0 Feature Pack 4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors. Vulnerabilidad no especificada en en entorno de trabajo de servicios REST en IBM WebSphere Commerce v7.0 Feature Pack 4 permite a atacantes remotos obtener información sensible, modificar datos o provocar una denegación de servicio a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR42770 http://www.ibm.com/support/docview.wss?uid=swg21610905 https://exchange.xforce.ibmcloud.com/vulnerabilities/77294 •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 0CVE-2011-3577
https://notcve.org/view.php?id=CVE-2011-3577
IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.3 does not properly implement Activity Token authentication for Web Services, which has unspecified impact and attack vectors. IBM WebSphere Commerce v6.x a través de v6.0.0.11 y v7.0.0.3 7.x no aplica correctamente la autenticación Activity Token para Web Services, que tienen un impacto no especificado y vectores de ataque. • http://secunia.com/advisories/45999 http://www.ibm.com/support/docview.wss?uid=swg1JR40420 http://www.ibm.com/support/docview.wss?uid=swg24030908 http://www.osvdb.org/75428 http://www.securityfocus.com/bid/49643 https://exchange.xforce.ibmcloud.com/vulnerabilities/69838 • CWE-287: Improper Authentication •