SE53160: Security APAR CVE-2012-4830 - CMVC 224463: Potential Information Disclosure vulnerability could expose user personal data.

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • A remote unauthenticated attacker could exploit a security
    vulnerability in WebSphere Commerce to expose user personal
    data. The attack can be performed manually and the effort
    required is comparatively low.
    

Local fix

Problem summary

  • USERS AFFECTED:
    WebSphere Commerce Versions 6.0.0.0 to 6.0.0.11
    WebSphere Commerce Versions 7.0.0.0 to 7.0.0.6
    
    PROBLEM ABSTRACT:
    Security APAR CVE-2012-4830: Potential Information Disclosure
    vulnerability could expose user personal data
    
    BUSINESS IMPACT:
    Security exposure
    
    RECOMMENDATION:
    

Problem conclusion

Temporary fix

Comments

APAR Information

  • APAR number

    SE53160

  • Reported component name

    WC BUS EDIT AS4

  • Reported component ID

    5724I3803

  • Reported release

    701

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    YesSpecatt / Pervasive

  • Submitted date

    2012-09-26

  • Closed date

    2012-10-24

  • Last modified date

    2012-12-05

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WC BUS EDIT AS4

  • Fixed component ID

    5724I3803

Applicable component levels

  • R701 PSY

       UP



Rate this page:

(0 users)Average rating

Document information


More support for:

WebSphere Commerce Enterprise

Software version:

701

Reference #:

SE53160

Modified date:

2012-12-05

Translate my page

Machine Translation

Content navigation