CVE-2006-7241

CWE-2643 documents3 sources
Severity
4.0MEDIUM
EPSS
0.1%
top 74.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Filenet P8 Application Engine
Timeline
PublishedSep 20
Latest updateMay 1

Description

The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-002 removes a user from an ACL when the user is denied all permissions for an annotation, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-9p8f-m497-5g6q: The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 32022-05-01
CVEList
CVE-2006-7241: The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 32010-09-20
CVE-2006-7241 (MEDIUM CVSS 4) | The Image Viewer component in IBM F | cvebase.io