Filenet Content Manager Security Vulnerabilities and Issues — Filenet Content Manager CVE List

Lucene search

IbmFilenet Content Manager

8 matches found

CVE•added 2024/03/01 3:15 a.m.•84 views

CVE-2023-38366

IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 261115.

5.3CVSS5.2AI score0.00054EPSS

CVE•added 2023/10/04 1:15 a.m.•68 views

CVE-2023-35905

IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ...

5.4CVSS4.8AI score0.00135EPSS

CVE•added 2018/07/06 2:29 p.m.•40 views

CVE-2018-1556

IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142893...

5.4CVSS5.4AI score0.00216EPSS

CVE•added 2020/07/23 4:15 p.m.•38 views

CVE-2020-4447

IBM FileNet Content Manager 5.5.3 and 5.5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181227...

5.4CVSS5.2AI score0.00236EPSS

CVE•added 2010/09/13 9:0 p.m.•35 views

CVE-2010-3318

IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

5CVSS6.1AI score0.00275EPSS

CVE•added 2018/07/06 2:29 p.m.•35 views

CVE-2018-1555

5.4CVSS5.4AI score0.00216EPSS

CVE•added 2010/09/13 9:0 p.m.•34 views

CVE-2010-3319

IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file.

5CVSS6.1AI score0.00225EPSS

CVE•added 2018/05/01 2:29 p.m.•31 views

CVE-2018-1502

IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

5.4CVSS5.2AI score0.00237EPSS