Lucene search

[email protected]CVE-2008-4581

HistoryOct 15, 2008 - 8:08 p.m.

CVE-2008-4581

2008-10-1520:08:02

CWE-264

[email protected]

web.nvd.nist.gov

ibm

enovia smarteam

vulnerability

cve-2008-4581

document security

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.0%

JSON

The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release 19 before SP01, allows remote authenticated users to bypass intended access restrictions and read Document objects via the Workflow Process (aka Flow Process) view.

Affected configurations

NVD

Node

ibmenovia_smarteamMatch5

CPENameOperatorVersion
ibm:enovia_smarteamibm enovia smarteameq5

CPE	Name	Operator	Version
ibm:enovia_smarteam	ibm enovia smarteam	eq	5

References

secunia.com/advisories/32105

www-01.ibm.com/support/docview.wss?uid=swg27012567&aid=1

www-1.ibm.com/support/docview.wss?uid=swg1HD71425

www.securityfocus.com/bid/31748

exchange.xforce.ibmcloud.com/vulnerabilities/45943

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.0%

JSON

Related for CVE-2008-4581

nvd1 prion1 cvelist1