CVE-2010-2639

IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages intended for other recipients via vectors involving access by the outbound messaging system to the RunTimeProfileCacheCmdImpl class, related to the caching of mutable objects and "concurrency issues."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
VendorProductVersion
ibmwebsphere_commerce
7.0
ibmwebsphere_commerce
7.0.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg24028397
http://www-1.ibm.com/support/docview.wss?uid=swg1JR38114
http://www.securitytracker.com/id?1024845
https://exchange.xforce.ibmcloud.com/vulnerabilities/63406
http://www-01.ibm.com/support/docview.wss?uid=swg24028397
http://www-1.ibm.com/support/docview.wss?uid=swg1JR38114
http://www.securitytracker.com/id?1024845
https://exchange.xforce.ibmcloud.com/vulnerabilities/63406