Lucene search

[email protected]NVD:CVE-2006-7242

HistorySep 20, 2010 - 10:00 p.m.

CVE-2006-7242

2010-09-2022:00:02

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.001

Percentile

45.6%

JSON

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-001 does not ensure that the AE Administrator role is present for Site Preferences modifications, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.

Affected configurations

Nvd

Node

ibmfilenet_p8_application_engineMatch3.5.1

VendorProductVersionCPE
ibmfilenet_p8_application_engine3.5.1cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	filenet_p8_application_engine	3.5.1	cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:::::::*

References

download2.boulder.ibm.com/sar/CMA/IMA/00yrk/0/readme-ae351-021.htm

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.001

Percentile

45.6%

JSON

Related for NVD:CVE-2006-7242

cve1 cvelist1