Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-001 does not ensure that the AE Administrator role is present for Site Preferences modifications, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM FileNet P8 Application Engine Workplace组件未明权限许可和访问控制漏洞
Vulnerability Description
Application Engine(AE) 是 FileNet P8 平台的三大引擎之一,AE 做为用户和 CE, PE server 的桥梁,为 FileNet P8 实现内容和流程管理。 IBM FileNet P8 Application Engine (P8AE) 3.5.1-001之前的3.5.1版本中的Workplace(又名WP)组件在修改网站的设定时不能正确地对AE管理员角色进行控制。远程认证用户可以借助未明向量绕过访问限制。
CVSS Information
N/A
Vulnerability Type
N/A