Ibm Content Foundation vulnerabilities
3 known vulnerabilities affecting ibm/content_foundation.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2018-1542HIGHCVSS 7.1v5.2.1v5.5.02018-07-06
CVE-2018-1542 [HIGH] CWE-611 CVE-2018-1542: IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console
IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM
nvd
CVE-2018-1555MEDIUMCVSS 5.4v5.2.1v5.5.02018-07-06
CVE-2018-1555 [MEDIUM] CWE-79 CVE-2018-1555: IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerabilit
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142892.
nvd
CVE-2018-1556MEDIUMCVSS 5.4v5.2.1v5.5.02018-07-06
CVE-2018-1556 [MEDIUM] CWE-79 CVE-2018-1556: IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerabilit
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142893.
nvd