CVE-2011-1046

Опубликовано: 21 фев. 2011

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), does not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged property of an object via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ibm:filenet_p8_content_engine:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:4.0.1.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:4.0.1.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:4.0.1.12:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:4.0.1.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:4.5.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:4.5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:4.5.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:4.5.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:4.5.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:4.5.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_engine:5.0.0:*:*:*:*:*:*:*

Одно из

cpe:2.3:a:ibm:filenet_p8_business_process_manager:*:*:*:*:*:*:*:*

cpe:2.3:a:ibm:filenet_p8_content_manager:*:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00348

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-v725-vrpf-8mgm

github

больше 3 лет назад