CVE-2008-7261

CWE-2553 documents3 sources
Severity
2.1LOW
EPSS
0.1%
top 84.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Filenet P8 Application Engine
Timeline
PublishedSep 20
Latest updateMay 17

Description

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local users to obtain sensitive information by reading this file.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-qf8v-m53m-4pfw: The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 32022-05-17
CVEList
CVE-2008-7261: The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 32010-09-20
CVE-2008-7261 (LOW CVSS 2.1) | The Workplace (aka WP) component in | cvebase.io