Ibm

Filenet Content Manager

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2018-1542

  • EPSS 0.46%
  • Veröffentlicht 06.07.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 03:59:59

IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote a...

3.5

CVE-2014-4763

  • EPSS 0.21%
  • Veröffentlicht 15.09.2014 14:55:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Content Navigator in Content Engine in IBM FileNet Content Manager 5.2.x before 5.2.0.3-P8CPE-IF003 and Content Foundation 5.2.x before 5.2.0.3-P8CPE-IF003 allows remote authenticated users to inject arbitr...

4.3

CVE-2013-6746

  • EPSS 0.26%
  • Veröffentlicht 22.01.2014 05:22:15
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5....

4.3

CVE-2013-5449

  • EPSS 0.27%
  • Veröffentlicht 04.12.2013 18:24:28
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in workingSet.jsp in IBM Eclipse Help System (IEHS), as used in the installable InfoCenter component in IBM FileNet Content Manager 4.5.1, 5.0.0, 5.1.0, and 5.2.0, allows remote attackers to inject arbitrary w...

6.8

CVE-2010-3320

  • EPSS 0.54%
  • Veröffentlicht 13.09.2010 21:00:29
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

5

CVE-2010-3319

  • EPSS 0.23%
  • Veröffentlicht 13.09.2010 21:00:29
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file.

5

CVE-2010-3318

  • EPSS 0.28%
  • Veröffentlicht 13.09.2010 21:00:29
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

4.3

CVE-2010-3317

  • EPSS 0.29%
  • Veröffentlicht 13.09.2010 21:00:29
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3

CVE-2010-2896

  • EPSS 0.2%
  • Veröffentlicht 28.07.2010 20:00:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vec...

4.6

CVE-2009-1953

  • EPSS 0.55%
  • Veröffentlicht 08.06.2009 01:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

IBM FileNet Content Manager 4.0, 4.0.1, and 4.5, as used in IBM WebSphere Application Server (WAS) and Oracle BEA WebLogic Application Server, when the CE Web Services listener has a certain WSEAF configuration, does not properly restrict use of a ca...