CVE-2010-3319

CWE-2553 documents3 sources
Severity
5.0MEDIUM
EPSS
0.2%
top 54.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Filenet Content Manager
Timeline
PublishedSep 13
Latest updateMay 17

Description

IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/filenet_content_manager4.5.0, 4.5.1+1

🔴Vulnerability Details

2
GHSA
GHSA-6c4x-44x4-6fcv: IBM Records Manager (RM) 42022-05-17
CVEList
CVE-2010-3319: IBM Records Manager (RM) 42010-09-13
CVE-2010-3319 (MEDIUM CVSS 5) | IBM Records Manager (RM) 4.5.x befo | cvebase.io