The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-001 does not ensure that the AE Administrator role is present for Site Preferences modifications, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
References
Configurations
History
21 Nov 2024, 00:24
Type | Values Removed | Values Added |
---|---|---|
References | () http://download2.boulder.ibm.com/sar/CMA/IMA/00yrk/0/readme-ae351-021.htm - |
Information
Published : 2010-09-20 22:00
Updated : 2024-11-21 00:24
NVD link : CVE-2006-7242
Mitre link : CVE-2006-7242
CVE.ORG link : CVE-2006-7242
JSON object : View
Products Affected
ibm
- filenet_p8_application_engine
CWE
CWE-264
Permissions, Privileges, and Access Controls