CVE-2012-3300
Published Sep 25, 2012
Last updated 7 years ago
Overview
- Description
- IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions and personalization IDs are enabled, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.6
- Impact score
- 2.9
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-399
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "775206CE-A901-4653-BD17-DE1BFBA076FD"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "213C52C9-C5B5-4F26-BBB7-EE0824A995AD"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CC937CD-1BE1-4827-9145-E2EA7F3AA792"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A6189A9-E083-41D3-9D36-7B41D82EC197"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE6F4DC0-41E3-4F73-9F62-3D415F8949C9"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_commerce:7.0.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1ACFED34-9B1E-4950-9D03-756942EF32F0"
}
],
"operator": "OR"
}
]
}
]