Search criteria
4 vulnerabilities found for filenet_p8_business_process_manager by ibm
CVE-2013-6746 (GCVE-0-2013-6746)
Vulnerability from nvd – Published: 2014-01-22 02:00 – Updated: 2024-08-06 17:46
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "65045",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65045"
},
{
"name": "ibm-filenet-cve20136746-xss(89862)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89862"
},
{
"name": "56500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56500"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21662360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "65045",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65045"
},
{
"name": "ibm-filenet-cve20136746-xss(89862)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89862"
},
{
"name": "56500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56500"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21662360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-6746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65045",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65045"
},
{
"name": "ibm-filenet-cve20136746-xss(89862)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89862"
},
{
"name": "56500",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56500"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21662360",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21662360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-6746",
"datePublished": "2014-01-22T02:00:00",
"dateReserved": "2013-11-08T00:00:00",
"dateUpdated": "2024-08-06T17:46:23.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1046 (GCVE-0-2011-1046)
Vulnerability from nvd – Published: 2011-02-21 17:00 – Updated: 2024-08-06 22:14
VLAI?
Summary
IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), does not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged property of an object via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.160Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-filenet-contentengine-sec-bypass(65448)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65448"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21462438"
},
{
"name": "46432",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46432"
},
{
"name": "ADV-2011-0423",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0423"
},
{
"name": "43347",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43347"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), does not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged property of an object via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ibm-filenet-contentengine-sec-bypass(65448)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65448"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21462438"
},
{
"name": "46432",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46432"
},
{
"name": "ADV-2011-0423",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0423"
},
{
"name": "43347",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43347"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), does not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged property of an object via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-filenet-contentengine-sec-bypass(65448)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65448"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21462438",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21462438"
},
{
"name": "46432",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46432"
},
{
"name": "ADV-2011-0423",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0423"
},
{
"name": "43347",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43347"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1046",
"datePublished": "2011-02-21T17:00:00",
"dateReserved": "2011-02-21T00:00:00",
"dateUpdated": "2024-08-06T22:14:27.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6746 (GCVE-0-2013-6746)
Vulnerability from cvelistv5 – Published: 2014-01-22 02:00 – Updated: 2024-08-06 17:46
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "65045",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65045"
},
{
"name": "ibm-filenet-cve20136746-xss(89862)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89862"
},
{
"name": "56500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56500"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21662360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "65045",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65045"
},
{
"name": "ibm-filenet-cve20136746-xss(89862)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89862"
},
{
"name": "56500",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56500"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21662360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-6746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65045",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65045"
},
{
"name": "ibm-filenet-cve20136746-xss(89862)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89862"
},
{
"name": "56500",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56500"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21662360",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21662360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-6746",
"datePublished": "2014-01-22T02:00:00",
"dateReserved": "2013-11-08T00:00:00",
"dateUpdated": "2024-08-06T17:46:23.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1046 (GCVE-0-2011-1046)
Vulnerability from cvelistv5 – Published: 2011-02-21 17:00 – Updated: 2024-08-06 22:14
VLAI?
Summary
IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), does not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged property of an object via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.160Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-filenet-contentengine-sec-bypass(65448)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65448"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21462438"
},
{
"name": "46432",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46432"
},
{
"name": "ADV-2011-0423",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0423"
},
{
"name": "43347",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43347"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), does not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged property of an object via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ibm-filenet-contentengine-sec-bypass(65448)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65448"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21462438"
},
{
"name": "46432",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46432"
},
{
"name": "ADV-2011-0423",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0423"
},
{
"name": "43347",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43347"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), does not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged property of an object via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-filenet-contentengine-sec-bypass(65448)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65448"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21462438",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21462438"
},
{
"name": "46432",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46432"
},
{
"name": "ADV-2011-0423",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0423"
},
{
"name": "43347",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43347"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1046",
"datePublished": "2011-02-21T17:00:00",
"dateReserved": "2011-02-21T00:00:00",
"dateUpdated": "2024-08-06T22:14:27.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}