CVE-2010-2639

high

Description

IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages intended for other recipients via vectors involving access by the outbound messaging system to the RunTimeProfileCacheCmdImpl class, related to the caching of mutable objects and "concurrency issues."

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/63406

http://www.securitytracker.com/id?1024845

http://www-1.ibm.com/support/docview.wss?uid=swg1JR38114

http://www-01.ibm.com/support/docview.wss?uid=swg24028397

Details

Source: Mitre, NVD

Published: 2010-12-06

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00286