PT-2009-4409 · IBM · IBM FileNet Content Manager

Published: 2009-06-06 · Updated: 2013-01-29 · CVE-2009-1953

CVSS v2.0: 4.6 (Medium)

Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: IBM FileNet Content Manager versions 4.0 through 4.5
Description: The issue arises when the CE Web Services listener has a certain WSEAF configuration, allowing remote attackers to obtain access with the credentials of a recently authenticated user via unspecified vectors. This occurs due to the improper restriction of a cached Subject.
Recommendations: For IBM FileNet Content Manager versions 4.0 through 4.5, consider reconfiguring the CE Web Services listener to properly restrict the use of cached Subjects until a patch is available. Restrict access to the affected WSEAF configuration to minimize the risk of exploitation.

Fix


Weakness Enumeration

Related identifiers

CVE-2009-1953

Affected products

IBM FileNet Content Manager