CVE-2011-1046
21.02.2011, 18:00
IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), does not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged property of an object via unspecified vectors.Enginsight
Vendor | Product | Version |
---|---|---|
ibm | filenet_p8_content_engine | 4.0.1 |
ibm | filenet_p8_content_engine | 4.0.1.10 |
ibm | filenet_p8_content_engine | 4.0.1.11 |
ibm | filenet_p8_content_engine | 4.0.1.12 |
ibm | filenet_p8_content_engine | 4.0.1.13 |
ibm | filenet_p8_content_engine | 4.5.0 |
ibm | filenet_p8_content_engine | 4.5.0.2 |
ibm | filenet_p8_content_engine | 4.5.1.3 |
ibm | filenet_p8_content_engine | 4.5.1.4 |
ibm | filenet_p8_content_engine | 4.5.1.5 |
ibm | filenet_p8_content_engine | 4.5.1.6 |
ibm | filenet_p8_content_engine | 5.0.0 |
ibm | filenet_p8_business_process_manager | * |
ibm | filenet_p8_content_manager | * |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References