PT-2010-4384 · Ibm · Ibm Filenet Content Manager

Publicado

2010-07-28

Atualizado

2010-07-29

CVE-2010-2896

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM FileNet Content Manager (CM) versions 4.0.0 through 4.0.1 IBM FileNet Content Manager (CM) versions 4.5.0 through 4.5.1 before FP4

Description The issue arises from improper management of the InheritParentPermissions setting during an upgrade from version 3.x. This might allow attackers to bypass intended folder permissions.

Recommendations For versions 4.0.0 through 4.0.1, update to a version that properly manages the InheritParentPermissions setting. For versions 4.5.0 through 4.5.1, apply FP4 to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2010-2896

Produtos afetados

Ibm Filenet Content Manager

PT-2010-4384 · Ibm · Ibm Filenet Content Manager

CVE-2010-2896

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4