CVE-2009-2094

EUVD-2009-2090
Unspecified vulnerability in IBM WebSphere Commerce 6.0 Enterprise before 6.0.0.8, when trace is enabled, allows local users to obtain sensitive information via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
1.5 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:S/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_commerce
6.0.0.1
ibmwebsphere_commerce
6.0.0.1
ibmwebsphere_commerce
6.0.0.2
ibmwebsphere_commerce
6.0.0.2
ibmwebsphere_commerce
6.0.0.3
ibmwebsphere_commerce
6.0.0.3
ibmwebsphere_commerce
6.0.0.4
ibmwebsphere_commerce
6.0.0.4
ibmwebsphere_commerce
6.0.0.5
ibmwebsphere_commerce
6.0.0.5
ibmwebsphere_commerce
6.0.0.6
ibmwebsphere_commerce
6.0.0.6
𝑥
= Vulnerable software versions
References
http://publib.boulder.ibm.com/infocenter/wchelp/v6r0m0/topic/com.ibm.commerce.admin.doc/refs/rig_new_and_changed.htm
http://www-1.ibm.com/support/docview.wss?uid=swg1LI74286
https://exchange.xforce.ibmcloud.com/vulnerabilities/52398
http://publib.boulder.ibm.com/infocenter/wchelp/v6r0m0/topic/com.ibm.commerce.admin.doc/refs/rig_new_and_changed.htm
http://www-1.ibm.com/support/docview.wss?uid=swg1LI74286
https://exchange.xforce.ibmcloud.com/vulnerabilities/52398