CVE-2009-5002

CWE-2643 documents3 sources

Severity

6.4MEDIUM

EPSS

0.2%

top 55.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Filenet P8 Application Engine

Timeline

PublishedSep 20

Latest updateMay 2

Description

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.1-P8AE-FP001 does not record Get Content Failure Audit events, which might allow remote attackers to attempt content access without detection.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

▶NVDibm/filenet_p8_application_engine4.0.2

🔴Vulnerability Details

GHSA

GHSA-8485-r2jc-j23f: The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4↗2022-05-02

▶

CVEList

CVE-2009-5002: The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4↗2010-09-20

▶