IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 188736.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/188736 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6336917 | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/188736 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6336917 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:33
Type | Values Removed | Values Added |
---|---|---|
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/188736 - VDB Entry, Vendor Advisory | |
References | () https://www.ibm.com/support/pages/node/6336917 - Patch, Vendor Advisory |
Information
Published : 2020-11-09 21:15
Updated : 2024-11-21 05:33
NVD link : CVE-2020-4759
Mitre link : CVE-2020-4759
CVE.ORG link : CVE-2020-4759
JSON object : View
Products Affected
ibm
- filenet_content_manager
CWE
CWE-1236
Improper Neutralization of Formula Elements in a CSV File