Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-002 removes a user from an ACL when the user is denied all permissions for an annotation, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM FileNet P8 Application Engine Image Viewer组件权限许可和访问控制漏洞
Vulnerability Description
Application Engine(AE) 是 FileNet P8 平台的三大引擎之一,AE 做为用户和 CE, PE server 的桥梁,为 FileNet P8 实现内容和流程管理。 IBM FileNet P8 Application Engine (P8AE) 3.5.1-002之前的3.5.1版本中的Image Viewer组件在用户的所有批注权限被拒绝时会从ACL中移除一个用户。远程认证用户可以在投机状况下绕过访问限制。
CVSS Information
N/A
Vulnerability Type
N/A