IBM FileNet P8 Application Engine Vulnerability Exposes User Credentials
CVE-2008-7261

Currently unrated

Key Information:

Vendor: WordPress
Status: Filenet P8 Application Engine
Vendor: CVE Published:; 20 September 2010

Summary

The Workplace component in IBM FileNet P8 Application Engine version 3.5.1 and earlier versions erroneously records DEBUG messages, which include sensitive user credentials, in the log4j.xml file. This can lead to information disclosure where local users with access to the log file can retrieve and misuse sensitive information. It is crucial for organizations to apply appropriate measures to mitigate the risks associated with this data exposure.

References

http://download2.boulder.ibm.com/sar/CMA/IMA/00yrk/0/read...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 20, 2010