cvelistv5 - CVE-2016-5894

CVE-2016-5894 (GCVE-0-2016-5894)

Vulnerability from cvelistv5 – Published: 2017-03-08 19:00 – Updated: 2024-08-06 01:15

Summary

IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408.

Severity ?

No CVSS data available.

CWE

Obtain Information

Assigner

ibm

References

URL

Tags

	http://www.ibm.com/support/docview.wss?uid=swg21997408	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037962	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/96624	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	IBM Corporation	WebSphere Commerce Enterprise	Affected: 7.0 Affected: 8.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:15:10.793Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21997408"
          },
          {
            "name": "1037962",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037962"
          },
          {
            "name": "96624",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96624"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebSphere Commerce Enterprise",
          "vendor": "IBM Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "7.0"
            },
            {
              "status": "affected",
              "version": "8.0"
            }
          ]
        }
      ],
      "datePublic": "2017-03-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Obtain Information",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-14T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21997408"
        },
        {
          "name": "1037962",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037962"
        },
        {
          "name": "96624",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96624"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2016-5894",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebSphere Commerce Enterprise",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.0"
                          },
                          {
                            "version_value": "8.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Obtain Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21997408",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21997408"
            },
            {
              "name": "1037962",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037962"
            },
            {
              "name": "96624",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96624"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2016-5894",
    "datePublished": "2017-03-08T19:00:00",
    "dateReserved": "2016-06-29T00:00:00",
    "dateUpdated": "2024-08-06T01:15:10.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"775206CE-A901-4653-BD17-DE1BFBA076FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:7.0.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"213C52C9-C5B5-4F26-BBB7-EE0824A995AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:7.0.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CC937CD-1BE1-4827-9145-E2EA7F3AA792\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:7.0.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A6189A9-E083-41D3-9D36-7B41D82EC197\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:7.0.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE6F4DC0-41E3-4F73-9F62-3D415F8949C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:7.0.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1ACFED34-9B1E-4950-9D03-756942EF32F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:7.0.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"202F791B-697B-4D9C-BF5D-84F7C657C790\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:7.0.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"012405FA-CE85-47B6-B368-2EAEBD06A15E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:7.0.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05260EDC-BD28-4F89-809A-7852E294A540\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:7.0.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66F86968-8BD4-42D0-A5C5-9685E3287D01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE2E7243-19A2-47B2-905E-47219F08F4EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C534568E-A611-472C-9399-15FC66D875C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AEF3D419-A12C-4A21-9796-DBB73D638E91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87504CD1-92DA-4847-BDA7-013622CA7AB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"625E1896-9035-46F3-957B-83FB128F90F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F3AC68C-CCA2-495D-AE21-04C937CD5340\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E56CE80F-A7E1-4BE0-9679-BB4F94362B06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF3C8F33-D613-4183-ABE1-5A3A08C16BE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44B5F593-BE92-4E37-9EE9-42C05FA87DF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58D19E4D-A256-44D5-A8D8-7C9F3A64B09B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12961C31-63AD-4AA8-8267-E003F985CE95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D9D8DAA-285C-4ED1-A602-412725FD79AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C75B5188-E337-4240-9834-92C11DCE9DA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA2E3F22-60F9-4B70-9485-6DDAC7FE4496\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8902699B-AE6A-44A4-838A-28F3EB62881B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB50A02C-E75F-4602-BDAA-FA4CBEE9CB0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FEC536A-498B-439F-927E-B72314F8B0A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE0A8CAD-D5DD-45DE-900F-046673002D3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC353B83-4053-4762-8E90-9E96AA30F04B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.0.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78A3EBB9-C6B1-4A2D-A4E5-2D3E53A1CF02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17E1895E-384D-4EF3-A395-7AFFC22E46CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"438E93D2-502F-4569-AB8A-EFECA403798F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"64287718-D7AD-425B-B7B7-A6442BFD5671\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1523569-2A23-4689-BE59-F74E678A8B2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9F4B2FD-14BA-46D9-B09F-1DABBA88FF1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57B22C48-3347-422C-9730-0A9442645D20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BDA8ACF-4134-434E-A5FD-39A587DE27FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CFB25F3-6FD7-45C9-AFCF-FAB034107E19\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7BCC81A-B7DA-40B9-B883-A00DF9CE585B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F8C98FD-E4AB-4BC8-9729-652294B1DF24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21C13D23-08C9-4836-A204-5168C8B019AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:websphere_commerce:8.0.1.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE36EB64-A7C6-42F2-876D-B7DBAF7C83BA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408.\"}, {\"lang\": \"es\", \"value\": \"IBM WebSphere Commerce Enterprise, Professional, Express y Developer 7.0 y 8.0 es vulnerable a vulnerabilidad de divulgaci\\u00f3n de informaci\\u00f3n. Un usuario local podr\\u00eda ver una contrase\\u00f1a en texto plano en una consola Unix. Referencia IBM #: 1997408.\"}]",
      "id": "CVE-2016-5894",
      "lastModified": "2024-11-21T02:55:12.520",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.4, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 1.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.4, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-03-08T19:59:00.160",
      "references": "[{\"url\": \"http://www.ibm.com/support/docview.wss?uid=swg21997408\", \"source\": \"psirt@us.ibm.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/96624\", \"source\": \"psirt@us.ibm.com\"}, {\"url\": \"http://www.securitytracker.com/id/1037962\", \"source\": \"psirt@us.ibm.com\"}, {\"url\": \"http://www.ibm.com/support/docview.wss?uid=swg21997408\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/96624\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1037962\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "psirt@us.ibm.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-5894\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2017-03-08T19:59:00.160\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408.\"},{\"lang\":\"es\",\"value\":\"IBM WebSphere Commerce Enterprise, Professional, Express y Developer 7.0 y 8.0 es vulnerable a vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n. Un usuario local podr\u00eda ver una contrase\u00f1a en texto plano en una consola Unix. Referencia IBM #: 1997408.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.4,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":1.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.4,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"775206CE-A901-4653-BD17-DE1BFBA076FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:7.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"213C52C9-C5B5-4F26-BBB7-EE0824A995AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:7.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CC937CD-1BE1-4827-9145-E2EA7F3AA792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:7.0.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A6189A9-E083-41D3-9D36-7B41D82EC197\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:7.0.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE6F4DC0-41E3-4F73-9F62-3D415F8949C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:7.0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ACFED34-9B1E-4950-9D03-756942EF32F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:7.0.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202F791B-697B-4D9C-BF5D-84F7C657C790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:7.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"012405FA-CE85-47B6-B368-2EAEBD06A15E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:7.0.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05260EDC-BD28-4F89-809A-7852E294A540\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:7.0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F86968-8BD4-42D0-A5C5-9685E3287D01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE2E7243-19A2-47B2-905E-47219F08F4EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C534568E-A611-472C-9399-15FC66D875C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEF3D419-A12C-4A21-9796-DBB73D638E91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87504CD1-92DA-4847-BDA7-013622CA7AB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"625E1896-9035-46F3-957B-83FB128F90F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F3AC68C-CCA2-495D-AE21-04C937CD5340\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E56CE80F-A7E1-4BE0-9679-BB4F94362B06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF3C8F33-D613-4183-ABE1-5A3A08C16BE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44B5F593-BE92-4E37-9EE9-42C05FA87DF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58D19E4D-A256-44D5-A8D8-7C9F3A64B09B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12961C31-63AD-4AA8-8267-E003F985CE95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D9D8DAA-285C-4ED1-A602-412725FD79AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C75B5188-E337-4240-9834-92C11DCE9DA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA2E3F22-60F9-4B70-9485-6DDAC7FE4496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8902699B-AE6A-44A4-838A-28F3EB62881B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB50A02C-E75F-4602-BDAA-FA4CBEE9CB0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FEC536A-498B-439F-927E-B72314F8B0A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE0A8CAD-D5DD-45DE-900F-046673002D3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC353B83-4053-4762-8E90-9E96AA30F04B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78A3EBB9-C6B1-4A2D-A4E5-2D3E53A1CF02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17E1895E-384D-4EF3-A395-7AFFC22E46CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"438E93D2-502F-4569-AB8A-EFECA403798F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64287718-D7AD-425B-B7B7-A6442BFD5671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1523569-2A23-4689-BE59-F74E678A8B2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9F4B2FD-14BA-46D9-B09F-1DABBA88FF1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57B22C48-3347-422C-9730-0A9442645D20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BDA8ACF-4134-434E-A5FD-39A587DE27FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CFB25F3-6FD7-45C9-AFCF-FAB034107E19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7BCC81A-B7DA-40B9-B883-A00DF9CE585B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F8C98FD-E4AB-4BC8-9729-652294B1DF24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21C13D23-08C9-4836-A204-5168C8B019AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_commerce:8.0.1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE36EB64-A7C6-42F2-876D-B7DBAF7C83BA\"}]}]}],\"references\":[{\"url\":\"http://www.ibm.com/support/docview.wss?uid=swg21997408\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/96624\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www.securitytracker.com/id/1037962\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www.ibm.com/support/docview.wss?uid=swg21997408\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/96624\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1037962\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2016-5894

Vulnerability from fkie_nvd - Published: 2017-03-08 19:59 - Updated: 2025-04-20 01:37

Severity ?

5.1 (Medium) - CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg21997408	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/96624
psirt@us.ibm.com	http://www.securitytracker.com/id/1037962
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21997408	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/96624
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037962

Impacted products

Vendor	Product	Version
ibm	websphere_commerce	7.0
ibm	websphere_commerce	7.0.0.1
ibm	websphere_commerce	7.0.0.2
ibm	websphere_commerce	7.0.0.3
ibm	websphere_commerce	7.0.0.4
ibm	websphere_commerce	7.0.0.5
ibm	websphere_commerce	7.0.0.6
ibm	websphere_commerce	7.0.0.7
ibm	websphere_commerce	7.0.0.8
ibm	websphere_commerce	7.0.0.9
ibm	websphere_commerce	8.0.0.0
ibm	websphere_commerce	8.0.0.1
ibm	websphere_commerce	8.0.0.2
ibm	websphere_commerce	8.0.0.3
ibm	websphere_commerce	8.0.0.4
ibm	websphere_commerce	8.0.0.5
ibm	websphere_commerce	8.0.0.6
ibm	websphere_commerce	8.0.0.7
ibm	websphere_commerce	8.0.0.8
ibm	websphere_commerce	8.0.0.9
ibm	websphere_commerce	8.0.0.10
ibm	websphere_commerce	8.0.0.11
ibm	websphere_commerce	8.0.0.12
ibm	websphere_commerce	8.0.0.13
ibm	websphere_commerce	8.0.0.14
ibm	websphere_commerce	8.0.0.15
ibm	websphere_commerce	8.0.0.16
ibm	websphere_commerce	8.0.0.17
ibm	websphere_commerce	8.0.0.18
ibm	websphere_commerce	8.0.0.19
ibm	websphere_commerce	8.0.1.0
ibm	websphere_commerce	8.0.1.1
ibm	websphere_commerce	8.0.1.2
ibm	websphere_commerce	8.0.1.3
ibm	websphere_commerce	8.0.1.4
ibm	websphere_commerce	8.0.1.5
ibm	websphere_commerce	8.0.1.6
ibm	websphere_commerce	8.0.1.7
ibm	websphere_commerce	8.0.1.8
ibm	websphere_commerce	8.0.1.9
ibm	websphere_commerce	8.0.1.11
ibm	websphere_commerce	8.0.1.12

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "775206CE-A901-4653-BD17-DE1BFBA076FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "213C52C9-C5B5-4F26-BBB7-EE0824A995AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC937CD-1BE1-4827-9145-E2EA7F3AA792",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A6189A9-E083-41D3-9D36-7B41D82EC197",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE6F4DC0-41E3-4F73-9F62-3D415F8949C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACFED34-9B1E-4950-9D03-756942EF32F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "202F791B-697B-4D9C-BF5D-84F7C657C790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "012405FA-CE85-47B6-B368-2EAEBD06A15E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "05260EDC-BD28-4F89-809A-7852E294A540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F86968-8BD4-42D0-A5C5-9685E3287D01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE2E7243-19A2-47B2-905E-47219F08F4EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C534568E-A611-472C-9399-15FC66D875C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEF3D419-A12C-4A21-9796-DBB73D638E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "87504CD1-92DA-4847-BDA7-013622CA7AB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "625E1896-9035-46F3-957B-83FB128F90F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3AC68C-CCA2-495D-AE21-04C937CD5340",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E56CE80F-A7E1-4BE0-9679-BB4F94362B06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF3C8F33-D613-4183-ABE1-5A3A08C16BE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "44B5F593-BE92-4E37-9EE9-42C05FA87DF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "58D19E4D-A256-44D5-A8D8-7C9F3A64B09B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "12961C31-63AD-4AA8-8267-E003F985CE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D9D8DAA-285C-4ED1-A602-412725FD79AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "C75B5188-E337-4240-9834-92C11DCE9DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA2E3F22-60F9-4B70-9485-6DDAC7FE4496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "8902699B-AE6A-44A4-838A-28F3EB62881B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB50A02C-E75F-4602-BDAA-FA4CBEE9CB0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FEC536A-498B-439F-927E-B72314F8B0A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0A8CAD-D5DD-45DE-900F-046673002D3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC353B83-4053-4762-8E90-9E96AA30F04B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "78A3EBB9-C6B1-4A2D-A4E5-2D3E53A1CF02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17E1895E-384D-4EF3-A395-7AFFC22E46CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "438E93D2-502F-4569-AB8A-EFECA403798F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "64287718-D7AD-425B-B7B7-A6442BFD5671",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1523569-2A23-4689-BE59-F74E678A8B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F4B2FD-14BA-46D9-B09F-1DABBA88FF1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B22C48-3347-422C-9730-0A9442645D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BDA8ACF-4134-434E-A5FD-39A587DE27FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CFB25F3-6FD7-45C9-AFCF-FAB034107E19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7BCC81A-B7DA-40B9-B883-A00DF9CE585B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F8C98FD-E4AB-4BC8-9729-652294B1DF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "21C13D23-08C9-4836-A204-5168C8B019AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE36EB64-A7C6-42F2-876D-B7DBAF7C83BA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408."
    },
    {
      "lang": "es",
      "value": "IBM WebSphere Commerce Enterprise, Professional, Express y Developer 7.0 y 8.0 es vulnerable a vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n. Un usuario local podr\u00eda ver una contrase\u00f1a en texto plano en una consola Unix. Referencia IBM #: 1997408."
    }
  ],
  "id": "CVE-2016-5894",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.4,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-03-08T19:59:00.160",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21997408"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/bid/96624"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1037962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21997408"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/96624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037962"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2017-03122

Vulnerability from cnvd - Published: 2017-03-22

Title

IBM WebSphere Commerce本地信息泄露漏洞（CNVD-2017-03122）

Description

IBM WebSphere Commerce是美国IBM公司的一套电子商务解决方案。该方案可在一个单一的客户交互平台上支持所有的销售业务模型，包括B2C、B2B和B2B2C。 IBM WebSphere Commerce存在信息泄露漏洞。攻击者可利用此漏洞获取敏感信息的访问权限或绕过某些安全限制并执行未授权的操作，失败的攻击会导致拒绝服务。

Severity

低

Patch Name

IBM WebSphere Commerce本地信息泄露漏洞（CNVD-2017-03122）的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： http://www-01.ibm.com/support/docview.wss?uid=swg21997408

Reference

http://www.securityfocus.com/bid/96624

Impacted products

Name
['IBM Websphere Commerce 8.0.1.8', 'IBM Websphere Commerce 8.0.1.2', 'IBM Websphere Commerce 8.0.1.1', 'IBM Websphere Commerce 8.0.1.0', 'IBM Websphere Commerce 8.0.0.9', 'IBM Websphere Commerce 8.0.0.8', 'IBM Websphere Commerce 8.0.0.7', 'IBM Websphere Commerce 8.0.0.6', 'IBM Websphere Commerce 8.0.0.5', 'IBM Websphere Commerce 8.0.0.4', 'IBM Websphere Commerce 8.0.0.2', 'IBM Websphere Commerce 8.0.0.16', 'IBM Websphere Commerce 8.0.0.10', 'IBM Websphere Commerce 7.0.0.9', 'IBM Websphere Commerce 7.0.0.6', 'IBM Websphere Commerce 7.0.0.5', 'IBM Websphere Commerce 7.0.0.4', 'IBM Websphere Commerce 7.0.0.3', 'IBM Websphere Commerce 7.0.0.0']

Name

['IBM Websphere Commerce 8.0.1.8', 'IBM Websphere Commerce 8.0.1.2', 'IBM Websphere Commerce 8.0.1.1', 'IBM Websphere Commerce 8.0.1.0', 'IBM Websphere Commerce 8.0.0.9', 'IBM Websphere Commerce 8.0.0.8', 'IBM Websphere Commerce 8.0.0.7', 'IBM Websphere Commerce 8.0.0.6', 'IBM Websphere Commerce 8.0.0.5', 'IBM Websphere Commerce 8.0.0.4', 'IBM Websphere Commerce 8.0.0.2', 'IBM Websphere Commerce 8.0.0.16', 'IBM Websphere Commerce 8.0.0.10', 'IBM Websphere Commerce 7.0.0.9', 'IBM Websphere Commerce 7.0.0.6', 'IBM Websphere Commerce 7.0.0.5', 'IBM Websphere Commerce 7.0.0.4', 'IBM Websphere Commerce 7.0.0.3', 'IBM Websphere Commerce 7.0.0.0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "96624"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-5894",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5894"
    }
  },
  "description": "IBM WebSphere Commerce\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4e00\u5957\u7535\u5b50\u5546\u52a1\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u53ef\u5728\u4e00\u4e2a\u5355\u4e00\u7684\u5ba2\u6237\u4ea4\u4e92\u5e73\u53f0\u4e0a\u652f\u6301\u6240\u6709\u7684\u9500\u552e\u4e1a\u52a1\u6a21\u578b\uff0c\u5305\u62ecB2C\u3001B2B\u548cB2B2C\u3002\r\n\r\nIBM WebSphere Commerce\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u7684\u8bbf\u95ee\u6743\u9650\u6216\u7ed5\u8fc7\u67d0\u4e9b\u5b89\u5168\u9650\u5236\u5e76\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c\uff0c\u5931\u8d25\u7684\u653b\u51fb\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "IBM",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://www-01.ibm.com/support/docview.wss?uid=swg21997408",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-03122",
  "openTime": "2017-03-22",
  "patchDescription": "IBM WebSphere Commerce\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4e00\u5957\u7535\u5b50\u5546\u52a1\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u53ef\u5728\u4e00\u4e2a\u5355\u4e00\u7684\u5ba2\u6237\u4ea4\u4e92\u5e73\u53f0\u4e0a\u652f\u6301\u6240\u6709\u7684\u9500\u552e\u4e1a\u52a1\u6a21\u578b\uff0c\u5305\u62ecB2C\u3001B2B\u548cB2B2C\u3002\r\n\r\nIBM WebSphere Commerce\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u7684\u8bbf\u95ee\u6743\u9650\u6216\u7ed5\u8fc7\u67d0\u4e9b\u5b89\u5168\u9650\u5236\u5e76\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c\uff0c\u5931\u8d25\u7684\u653b\u51fb\u4f1a\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "IBM WebSphere Commerce\u672c\u5730\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2017-03122\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "IBM Websphere Commerce 8.0.1.8",
      "IBM Websphere Commerce 8.0.1.2",
      "IBM Websphere Commerce 8.0.1.1",
      "IBM Websphere Commerce 8.0.1.0",
      "IBM Websphere Commerce 8.0.0.9",
      "IBM Websphere Commerce 8.0.0.8",
      "IBM Websphere Commerce 8.0.0.7",
      "IBM Websphere Commerce 8.0.0.6",
      "IBM Websphere Commerce 8.0.0.5",
      "IBM Websphere Commerce 8.0.0.4",
      "IBM Websphere Commerce 8.0.0.2",
      "IBM Websphere Commerce 8.0.0.16",
      "IBM Websphere Commerce 8.0.0.10",
      "IBM Websphere Commerce 7.0.0.9",
      "IBM Websphere Commerce 7.0.0.6",
      "IBM Websphere Commerce 7.0.0.5",
      "IBM Websphere Commerce 7.0.0.4",
      "IBM Websphere Commerce 7.0.0.3",
      "IBM Websphere Commerce 7.0.0.0"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/96624",
  "serverity": "\u4f4e",
  "submitTime": "2017-03-08",
  "title": "IBM WebSphere Commerce\u672c\u5730\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2017-03122\uff09"
}

GSD-2016-5894

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-5894

Aliases

CVE-2016-5894

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-5894",
    "description": "IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408.",
    "id": "GSD-2016-5894"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-5894"
      ],
      "details": "IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408.",
      "id": "GSD-2016-5894",
      "modified": "2023-12-13T01:21:25.883766Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@us.ibm.com",
        "ID": "CVE-2016-5894",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "WebSphere Commerce Enterprise",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "7.0"
                        },
                        {
                          "version_value": "8.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "IBM Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Obtain Information"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.ibm.com/support/docview.wss?uid=swg21997408",
            "refsource": "CONFIRM",
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21997408"
          },
          {
            "name": "1037962",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1037962"
          },
          {
            "name": "96624",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/96624"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:websphere_commerce:8.0.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2016-5894"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21997408",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21997408"
            },
            {
              "name": "96624",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/96624"
            },
            {
              "name": "1037962",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1037962"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 1.4,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-09-30T16:19Z",
      "publishedDate": "2017-03-08T19:59Z"
    }
  }
}

GHSA-9XHP-R5X3-PVV6

Vulnerability from github – Published: 2022-05-13 01:54 – Updated: 2022-05-13 01:54

Details

Severity ?

5.1 (Medium)


                  
                    CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-5894"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-08T19:59:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408.",
  "id": "GHSA-9xhp-r5x3-pvv6",
  "modified": "2022-05-13T01:54:00Z",
  "published": "2022-05-13T01:54:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5894"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21997408"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/96624"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037962"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-5894 (GCVE-0-2016-5894)

FKIE_CVE-2016-5894

CNVD-2017-03122

GSD-2016-5894

GHSA-9XHP-R5X3-PVV6

Tags

Sightings

Nomenclature