IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.7 does not properly perform authentication for unspecified web services, which allows remote attackers to issue requests in the context of an arbitrary user's active session via unknown vectors.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2013-07-31T14:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2013-04-12T00:00:00
Link: CVE-2013-2993
JSON object: View
NVD Information
Status : Modified
Published: 2013-08-01T13:32:16.400
Modified: 2017-08-29T01:33:19.107
Link: CVE-2013-2993
JSON object: View
Redhat Information
No data.
CWE