CVE-2009-2751

EUVD-2009-2741
IBM WebSphere Commerce 7.0 uses the same cryptographic key for session attributes and merchant data encryption, which has unspecified impact and remote attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_commerce
7.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21418443
http://www-1.ibm.com/support/docview.wss?uid=swg1JR35136
https://exchange.xforce.ibmcloud.com/vulnerabilities/56089
http://www-01.ibm.com/support/docview.wss?uid=swg21418443
http://www-1.ibm.com/support/docview.wss?uid=swg1JR35136
https://exchange.xforce.ibmcloud.com/vulnerabilities/56089