CVE-2010-2896

IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
ibmfilenet_content_manager
4.0.0
ibmfilenet_content_manager
4.0.1
ibmfilenet_content_manager
4.5.0
ibmfilenet_content_manager
4.5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/40614
http://www-01.ibm.com/support/docview.wss?uid=swg21441225
http://www.vupen.com/english/advisories/2010/1847
http://secunia.com/advisories/40614
http://www-01.ibm.com/support/docview.wss?uid=swg21441225
http://www.vupen.com/english/advisories/2010/1847