CVE-2011-3577 Information

Description

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.3 does not properly implement Activity Token authentication for Web Services which has unspecified impact and attack vectors.

Reference

http://secunia.com/advisories/45999 http://www.ibm.com/support/docview.wss?uid=swg1JR40420 http://www.ibm.com/support/docview.wss?uid=swg24030908 http://www.osvdb.org/75428 http://www.securityfocus.com/bid/49643 https://exchange.xforce.ibmcloud.com/vulnerabilities/69838