Security Advisory

CVE-2013-2994

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-07-31 18:00:00

Last updated 2024-08-06 15:52:21

Assigner ibm

State PUBLISHED

Description

IBM WebSphere Commerce 7.0 Feature Pack 4 and Feature Pack 5 incorrectly maintains a valid session after unspecified interaction with REST services, which allows remote attackers to issue REST requests in the context of an arbitrary users active session via unknown vectors.

← Browse all CVEs View on cve.org ↗