Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM FileNet Content Manager 4.0, 4.0.1, and 4.5, as used in IBM WebSphere Application Server (WAS) and Oracle BEA WebLogic Application Server, when the CE Web Services listener has a certain WSEAF configuration, does not properly restrict use of a cached Subject, which allows remote attackers to obtain access with the credentials of a recently authenticated user via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM WAS 'FileNet Content Manager'安全绕过漏洞
Vulnerability Description
IBM FileNet Content Manager 4.0版本,4.0.1版本以及4.5版本,当在IBM WebSphere应用程序服务器(WAS) 和Oracle BEA WebLogic应用程序服务器中运行以及CE Web Services listener具有某个WSEAF设置时,没有适当地限制Cache储藏主体,这会允许远程攻击者可以借助未明向量获得最近验证用户的具有凭证信息的访问权。
CVSS Information
N/A
Vulnerability Type
N/A