Access Control Vulnerability in IBM FileNet P8 Application Engine
CVE-2009-5001

Currently unrated

Key Information:

Vendor: WordPress
Status: Filenet P8 Application Engine
Vendor: CVE Published:; 20 September 2010

Summary

Inversions in the Workplace component of IBM FileNet P8 Application Engine can lead to inadequate access controls. Specifically, the Creator-Owner of a document may possess full control over associated annotation objects, allowing them to bypass access restrictions set by default security configurations. This weakness could be exploited by remote authenticated users under opportunistic conditions, potentially compromising sensitive information within the system.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1PJ35547

vendor-advisoryx_refsource_AIXAPAR

http://download2.boulder.ibm.com/sar/CMA/IMA/00y3y/0/read...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 20, 2010