Vulnerabilities > CVE-2015-7397 - Unspecified vulnerability in IBM Websphere Commerce 7.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
Multiple open redirect vulnerabilities in the Aurora starter store in IBM WebSphere Commerce 7.0 through Feature Pack 8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referrer parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://www.securitytracker.com/id/1034640
- http://www.securitytracker.com/id/1034640
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR54295
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR54295
- http://www-01.ibm.com/support/docview.wss?uid=swg21969562
- http://www-01.ibm.com/support/docview.wss?uid=swg21969562
- http://www-01.ibm.com/support/docview.wss?uid=swg24041142
- http://www-01.ibm.com/support/docview.wss?uid=swg24041142