Design/Logic Flaw

2008-10-1520:08:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.0%

JSON

The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release 19 before SP01, allows remote authenticated users to bypass intended access restrictions and read Document objects via the Workflow Process (aka Flow Process) view.

CPENameOperatorVersion
enovia_smarteameq5

CPE	Name	Operator	Version
	enovia_smarteam	eq	5

References

secunia.com/advisories/32105

www-01.ibm.com/support/docview.wss?uid=swg27012567&aid=1

www-1.ibm.com/support/docview.wss?uid=swg1HD71425

www.securityfocus.com/bid/31748

exchange.xforce.ibmcloud.com/vulnerabilities/45943