Описание
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:001:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00121
Низкий
4 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.
EPSS
Процентиль: 32%
0.00121
Низкий
4 Medium
CVSS2
Дефекты
CWE-264