Authentication Bypass Vulnerability in IBM OmniFind Enterprise Edition
CVE-2010-3896

Currently unrated

Key Information:

Vendor: IBM
Status: Omnifind
Vendor: CVE Published:; 12 November 2010

Summary

The ESSearchApplication directory structure in IBM OmniFind Enterprise Edition versions 8.x and 9.x is improperly secured, allowing unauthorized users to access and modify server configurations remotely through specific requests. This vulnerability exposes critical components of the application to potential manipulation, creating risks for data integrity and operational stability.

References

http://www.securityfocus.com/archive/1/514688/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/44740

vdb-entryx_refsource_BID

http://security.fatihkilic.de/advisory/fkilic-sa-2010-ibm...

x_refsource_MISC

Timeline

Vulnerability published
Nov 12, 2010
Vulnerability Reserved
Oct 12, 2010