IBM Security Bulletin: IBM WebSphere Commerce admin utilities could lead to disclosure of user personal data (CVE-2016-5894)

IBM WebSphere Commerce administrative utilities could lead to disclosure of user personal data.

CVE(s): CVE-2016-5894

Affected product(s) and affected version(s):

WebSphere Commerce versions 8.0.1.0 or higher fix pack
WebSphere Commerce versions 8.0.0.0 or higher fix pack
WebSphere Commerce versions 7.0.0.0 – 7.0.0.9

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2n6i4IT
X-Force Database: http://ift.tt/2mMW21s

The post IBM Security Bulletin: IBM WebSphere Commerce admin utilities could lead to disclosure of user personal data (CVE-2016-5894) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2n6dFpo