CVE-2006-7241

Name of the Vulnerable Software and Affected Versions IBM FileNet P8 Application Engine (P8AE) version 3.5.1 before 3.5.1-002

Description The issue concerns the Image Viewer component, which may allow remote authenticated users to bypass intended access restrictions under certain circumstances. This occurs when a user is denied all permissions for an annotation, and the component removes the user from an ACL.

Recommendations For IBM FileNet P8 Application Engine (P8AE) version 3.5.1 before 3.5.1-002, update to version 3.5.1-002 or later to resolve the issue.