Ibm

Filenet Content Manager

20 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2018-1542

  • EPSS 0.46%
  • Published 06.07.2018 14:29:01
  • Last modified 21.11.2024 03:59:59

IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote a...

3.5

CVE-2014-4763

  • EPSS 0.21%
  • Published 15.09.2014 14:55:11
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Content Navigator in Content Engine in IBM FileNet Content Manager 5.2.x before 5.2.0.3-P8CPE-IF003 and Content Foundation 5.2.x before 5.2.0.3-P8CPE-IF003 allows remote authenticated users to inject arbitr...

4.3

CVE-2013-6746

  • EPSS 0.26%
  • Published 22.01.2014 05:22:15
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5....

4.3

CVE-2013-5449

  • EPSS 0.27%
  • Published 04.12.2013 18:24:28
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in workingSet.jsp in IBM Eclipse Help System (IEHS), as used in the installable InfoCenter component in IBM FileNet Content Manager 4.5.1, 5.0.0, 5.1.0, and 5.2.0, allows remote attackers to inject arbitrary w...

6.8

CVE-2010-3320

  • EPSS 0.54%
  • Published 13.09.2010 21:00:29
  • Last modified 11.04.2025 00:51:21

Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

5

CVE-2010-3319

  • EPSS 0.23%
  • Published 13.09.2010 21:00:29
  • Last modified 11.04.2025 00:51:21

IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file.

5

CVE-2010-3318

  • EPSS 0.28%
  • Published 13.09.2010 21:00:29
  • Last modified 11.04.2025 00:51:21

IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

4.3

CVE-2010-3317

  • EPSS 0.29%
  • Published 13.09.2010 21:00:29
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3

CVE-2010-2896

  • EPSS 0.2%
  • Published 28.07.2010 20:00:07
  • Last modified 11.04.2025 00:51:21

IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vec...

4.6

CVE-2009-1953

  • EPSS 0.55%
  • Published 08.06.2009 01:00:00
  • Last modified 09.04.2025 00:30:58

IBM FileNet Content Manager 4.0, 4.0.1, and 4.5, as used in IBM WebSphere Application Server (WAS) and Oracle BEA WebLogic Application Server, when the CE Web Services listener has a certain WSEAF configuration, does not properly restrict use of a ca...