CVE-2010-2896

CWE-2645 documents4 sources
Severity
4.3MEDIUM
EPSS
0.2%
top 58.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Filenet Content Manager
Timeline
PublishedJul 28
Latest updateMay 17

Description

IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDibm/filenet_content_manager4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-cgrr-j667-g7gr: IBM FileNet Content Manager (CM) 42022-05-17
CVEList
CVE-2010-2896: IBM FileNet Content Manager (CM) 42010-07-28

🕵️Threat Intelligence

2
Talos
Exim Remote Root2010-12-14
Talos
Exim Remote Root2010-12-14
CVE-2010-2896 (MEDIUM CVSS 4.3) | IBM FileNet Content Manager (CM) 4. | cvebase.io