Security Bulletin: WebSphere Commerce vulnerability could allow disclosure of user personal data (CVE-2013-0523)
IBM PSIRT 270004PFE3 firstname.lastname@example.org | | Tags:  psirtindustry psirtmedium
0 Comments | 2,320 Visits
Some WebSphere Commerce data may be encrypted using an encryption algorithm that is susceptible to a padding oracle attack which may allow for the disclosure of user personal data.
Affected product(s) and version(s):
Refer to the following reference URLs for remediation and additional vulnerability details.