{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T07:34:56.693","vulnerabilities":[{"cve":{"id":"CVE-2018-1644","sourceIdentifier":"psirt@us.ibm.com","published":"2018-08-27T14:29:00.867","lastModified":"2024-11-21T04:00:07.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14, and 7.0.0.0 Feature Pack 8 could allow an authenticated user to obtain sensitive information about another user."},{"lang":"es","value":"IBM WebSphere Commerce Enterprise, Professional, Express y Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14 y 7.0.0.0 Feature Pack 8 podrían permitir que un usuario autenticado obtenga información sensible sobre otro usuario."}],"metrics":{"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:developer:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.0.0.19","matchCriteriaId":"4B62A0C9-90E3-4E6B-B38E-1C42771A9682"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.0.0.19","matchCriteriaId":"0FA13C9C-4C02-43D7-B26A-1E2BC677F809"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:express:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.0.0.19","matchCriteriaId":"2CB4DE96-3BF0-4414-BCD4-0EDACF528D96"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:professional:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.0.0.19","matchCriteriaId":"62202904-9E60-4867-8F8C-78F3ADB35E5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:developer:*:*:*","versionStartIncluding":"8.0.1.0","versionEndIncluding":"8.0.1.13","matchCriteriaId":"2A9EA16E-66DF-467C-8989-02F0910FBDF1"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"8.0.1.0","versionEndIncluding":"8.0.1.13","matchCriteriaId":"336FB46A-F478-4AE5-B13F-D663322CE253"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:express:*:*:*","versionStartIncluding":"8.0.1.0","versionEndIncluding":"8.0.1.13","matchCriteriaId":"1E39B661-02F0-411A-BC3F-03F21EE55FEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:professional:*:*:*","versionStartIncluding":"8.0.1.0","versionEndIncluding":"8.0.1.13","matchCriteriaId":"C69CD787-B3A0-4F5D-B55C-2FD861BA91D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:developer:*:*:*","versionStartIncluding":"8.0.3.0","versionEndIncluding":"8.0.3.6","matchCriteriaId":"4B55E2F7-6687-47FF-BED6-57116A71F131"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"8.0.3.0","versionEndIncluding":"8.0.3.6","matchCriteriaId":"69EB2121-48E3-4207-9D23-456E1C41190D"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:express:*:*:*","versionStartIncluding":"8.0.3.0","versionEndIncluding":"8.0.3.6","matchCriteriaId":"27F388EA-773F-46FE-B4CA-0531DEDFB0D0"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:professional:*:*:*","versionStartIncluding":"8.0.3.0","versionEndIncluding":"8.0.3.6","matchCriteriaId":"016DC77E-1C40-4FE5-ADBE-D60E7B55D286"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:developer:*:*:*","versionStartIncluding":"8.0.4.0","versionEndIncluding":"8.0.4.14","matchCriteriaId":"6B2232CA-F919-432A-AB6D-7D1831E53A7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"8.0.4.0","versionEndIncluding":"8.0.4.14","matchCriteriaId":"398CA5FE-4430-474F-B119-8CFD9ABE8296"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:express:*:*:*","versionStartIncluding":"8.0.4.0","versionEndIncluding":"8.0.4.14","matchCriteriaId":"580B0D48-39C9-4335-8842-A3065BCE3B37"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:professional:*:*:*","versionStartIncluding":"8.0.4.0","versionEndIncluding":"8.0.4.14","matchCriteriaId":"D55C11E6-1D7F-40E2-8D0C-1D03D52A3473"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:developer:*:*:*","versionStartIncluding":"9.0.0.0","versionEndIncluding":"9.0.0.4","matchCriteriaId":"F4442A95-E915-4663-B968-1872CC0B634E"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.0.0.0","versionEndIncluding":"9.0.0.4","matchCriteriaId":"E0761F7F-255C-4D7E-982D-CC83EC999839"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:express:*:*:*","versionStartIncluding":"9.0.0.0","versionEndIncluding":"9.0.0.4","matchCriteriaId":"EA470530-44E3-4D4D-84FD-1D90923EAB5E"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:*:*:*:*:professional:*:*:*","versionStartIncluding":"9.0.0.0","versionEndIncluding":"9.0.0.4","matchCriteriaId":"539C827B-CCE9-4C5F-BABD-5E4BD753BB7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_commerce:7.0:feature_pack_8:*:*:*:*:*:*","matchCriteriaId":"7C20CB96-9E05-4702-94F1-E6C7439FAA13"}]}]}],"references":[{"url":"http://www.ibm.com/support/docview.wss?uid=ibm10728829","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/144589","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"http://www.ibm.com/support/docview.wss?uid=ibm10728829","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/144589","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]}]}}]}