File Upload Vulnerability in IBM FileNet WorkPlace XT
CVE-2016-8921

8.8HIGH

Key Information:

Vendor: IBM
Status: Filenet Content Manager
Vendor: CVE Published:; 1 February 2017

What is CVE-2016-8921?

A vulnerability in IBM FileNet WorkPlace XT allows attackers to upload arbitrary files to the server. This insecure file upload could potentially be exploited by an attacker to execute arbitrary code, leading to unauthorized operations on the affected server. Organizations using affected versions are advised to review their configurations and apply recommended security patches to mitigate this risk.

Affected Version(s)

FileNet Content Manager 4.0

FileNet Content Manager 4.0.1

FileNet Content Manager 4.5.0

References

http://www.ibm.com/support/docview.wss?uid=swg21994018

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94582

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 1, 2017
Vulnerability Reserved
Oct 25, 2016