CVE-2010-2896

Опубликовано: 28 июл. 2010

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors.

Ссылки

http://secunia.com/advisories/40614
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21441225
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1847
Vendor Advisory
http://secunia.com/advisories/40614
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21441225
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1847
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:filenet_content_manager:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_content_manager:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_content_manager:4.5.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_content_manager:4.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.00195

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-cgrr-j667-g7gr

github

больше 3 лет назад