Lucene search
MitreCVE-2006-7241HistorySep 20, 2010 - 10:00 p.m.
CVE-2006-7241
2010-09-2022:00:01
CWE-264
mitre
web.nvd.nist.gov
22
ibm
filenet
p8ae
vulnerability
image viewer
remote access restrictions
nvd
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
6.2
Confidence
Low
EPSS
0.001
Percentile
45.6%
The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-002 removes a user from an ACL when the user is denied all permissions for an annotation, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.
Affected configurations
Node
ibmfilenet_p8_application_engineMatch3.5.1
ORibmfilenet_p8_application_engineMatch3.5.1001
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | filenet_p8_application_engine | 3.5.1 | cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:*:*:*:*:*:*:* |
| ibm | filenet_p8_application_engine | 3.5.1 | cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:001:*:*:*:*:*:* |
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
6.2
Confidence
Low
EPSS
0.001
Percentile
45.6%
Related for CVE-2006-7241