CVE-2008-7261

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local users to obtain sensitive information by reading this file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
ibmfilenet_p8_application_engine
3.5.1
ibmfilenet_p8_application_engine
3.5.1:001
ibmfilenet_p8_application_engine
3.5.1:002
ibmfilenet_p8_application_engine
3.5.1:003
ibmfilenet_p8_application_engine
3.5.1:004
ibmfilenet_p8_application_engine
3.5.1:005
ibmfilenet_p8_application_engine
3.5.1:006
ibmfilenet_p8_application_engine
3.5.1:007
ibmfilenet_p8_application_engine
3.5.1:008
ibmfilenet_p8_application_engine
3.5.1:009
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://download2.boulder.ibm.com/sar/CMA/IMA/00yrk/0/readme-ae351-021.htm
http://download2.boulder.ibm.com/sar/CMA/IMA/00yrk/0/readme-ae351-021.htm