Security Bulletin: ThoughtWorks XStream CVE-2024-47072 security vulnerability in FileNet Content Manager (FNCM) Content Search Services (CSS)

Summary ThoughtWorks XStream CVE-2024-47072 security vulnerability in FileNet Content Manager FNCM Content Search Services CSS Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow in BinaryStreamDriver. By...

Security Bulletin: Apache uimaj-core.jar security vulnerability CVE-2017-15691

Summary Apache uimaj-core.jar security vulnerability CVE-2017-15691 in FileNet Content Manager FNCM Content Search Services CSS/Enterprise Content Management Text Search ECMTS. CSS/ECMTS is affected and is potentially vulnerable. Vulnerability Details CVEID:CVE-2017-15691 DESCRIPTION: Apache uima...

Security Bulletin: Security vulnerability CVE-2024-39689 in Certifi python-certifi that is used by FileNet Content Manager and CP4BA - Filenet Content Manager Component

Summary Security vulnerability CVE-2024-39689 in Certifi python-certifi that is used by FileNet Content Manager and CP4BA - Filenet Content Manager Component in container Operator Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi python-certifi could provide weaker than expected...

Security Bulletin: FileNet Content Manager (FNCM) Content Platform Engine (CPE) user may gain authorization privileges of another user in specific cases

Summary FileNet Content Manager FNCM Content Platform Engine CPE user may gain authorization privileges of another user in specific cases Vulnerability Details CVEID:CVE-2023-47716 DESCRIPTION: IBM CP4BA - Filenet Content Manager Component could allow a user to gain the privileges of another user...

Security Bulletin: Incorrect authorization vulnerability affect IBM Business Automation Workflow - CVE-2023-47716

Summary IBM Business Automation Workflow embedded doucment managaement system is vulnerable to incorrect authorization an attack. Vulnerability Details CVEID:CVE-2023-47716 DESCRIPTION: IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the...

IBM FileNet Content Manager Privilege Permission and Access Control Issues Vulnerability

IBM FileNet Content Manager is a content management solution for the FileNet P8 platform from International Business Machines IBM. The solution combines document management with ready-to-use workflow tools to manage images, video, Web content, compliance documents, and more. IBM FileNet Content...

CVE-2023-47716

IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user under unusual circumstances. IBM X-Force ID: 271656...

Design/Logic Flaw

IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 261115...

Design/Logic Flaw

IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user under unusual circumstances. IBM X-Force ID: 271656...

CVE-2023-47716 IBM FileNet Content Manager privilege escalation

IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user under unusual circumstances. IBM X-Force ID: 271656...

IBM FileNet Content Manager 权限许可和访问控制问题漏洞

IBM FileNet Content Manager is a content management solution for the FileNet P8 platform from International Business Machines IBM. The solution combines document management with ready-to-use workflow tools to manage images, video, Web content, compliance documents, and more. IBM FileNet Content...

PT-2024-1986 · Ibm · Ibm Filenet Content Manager

Name of the Vulnerable Software and Affected Versions: IBM CP4BA - Filenet Content Manager Component versions 5.5.8.0 through 5.5.11.0 Description: The issue is related to insufficient access control in the IBM FileNet Content Manager component, which could allow a user to gain the privileges of...

PT-2024-2156 · Ibm · Ibm Filenet Content Manager

Name of the Vulnerable Software and Affected Versions: IBM Filenet Content Manager Component versions 5.5.8.0 through 5.5.11.0 Description: The issue is related to incorrect restriction of a directory path name with limited access. This could allow a remote attacker to traverse directories on the...

Security Bulletin: Cross Site Scripting (XSS) CVE-2023-35905 security vulnerability in FileNet Content Manager FileNet DetailedStatus

Summary Cross Site Scripting XSS CVE-2023-35905 security vulnerability in FileNet Content Manager FileNet DetailedStatus parameter name Vulnerability Details CVEID:CVE-2023-35905 DESCRIPTION: IBM FileNet Content Manager is vulnerable to cross-site scripting. This vulnerability allows users to emb...

Security Bulletin: Multiple Security vulnerabilities in IBM Java in FileNet Content Manager

Summary Multiple Security vulnerabilities in IBM Java in FileNet Content Manager, affected, not vulnerable Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By sending a specially-crafted request,...

CVE-2023-35905

IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

CVE-2023-35905

IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

Cross site scripting

IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

CVE-2023-35905 IBM FileNet Content Manager cross-site scripting

IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

IBM FileNet Content Manager 跨站脚本漏洞

IBM FileNet Content Manager is a flexible and full-featured content management solution. A cross-site scripting vulnerability exists in the IBM FileNet Content Manager Web UI, which can be exploited by remote attackers to inject malicious script or HTML code that can be used to obtain sensitive...