Security vulnerabilitiy exists in in Oracle Outside In Technology (OIT) which affects the IBM FileNet Content Manager and IBM Content Foundation products.
CVE-ID: CVE-2016-3455
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component has complete confidentiality impact, partial integrity impact, and partial availability impact.
CVSS Base Score: 9.000
CVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/112406 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:P/A:P)
FileNet Content Manager 5.1.0, 5.2.0, 5.2.1
IBM Content Foundation 5.2.0, 5.2.1
To address this vulnerability, install one of the fixes listed below to upgrade the installed version of Oracle Outside In Technology (OIT) to April 2016 patch p22804502.
Product | VRMF | APAR | Remediation/First Fix |
---|---|---|---|
FileNet Content Manager | 5.1.0 |
5.2.0
5.2.1| PJ44113
PJ44114
PJ44112
PJ44115
PJ44112
PJ44115| 5.1.0.7-P8CE-FP007 - 8/11/2017
5.1.0.0-P8CSS-IF017 - 8/11/2017
5.2.0.5-P8CPE-FP005 - 6/3/2016
5.2.0.5-P8CSS-FP005 - 6/3/2016
5.2.1.5-P8CPE-FP005 - 7/14/2016
5.2.1.5-P8CSS-FP005 - 7/14/2016
IBM Content Foundation| 5.2.0
5.2.1| PJ44112
PJ44115
PJ44112
PJ44115| 5.2.0.5-P8CPE-FP005 - 6/3/2016
5.2.0.5-P8CSS-FP005 - 6/3/2016
5.2.1.5-P8CPE-FP005 - 7/14/2016
5.2.1.5-P8CSS-FP005 - 7/14/2016
In the above table, the APAR links will provide more information about the fix.
None