CVE-2010-2896

EUVD-2010-2900
IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
ibmfilenet_content_manager
4.0.0
ibmfilenet_content_manager
4.0.1
ibmfilenet_content_manager
4.5.0
ibmfilenet_content_manager
4.5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/40614
http://www-01.ibm.com/support/docview.wss?uid=swg21441225
http://www.vupen.com/english/advisories/2010/1847
http://secunia.com/advisories/40614
http://www-01.ibm.com/support/docview.wss?uid=swg21441225
http://www.vupen.com/english/advisories/2010/1847