Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM FileNet P8 Application Engine Workplace组件权限许可和访问控制漏洞
Vulnerability Description
Application Engine(AE) 是 FileNet P8 平台的三大引擎之一,AE 做为用户和 CE, PE server 的桥梁,为 FileNet P8 实现内容和流程管理。 IBM FileNet P8 Application Engine (P8AE) 4.0.2.2-P8AE-FP002之前的4.0.2.x版本中的Workplace(又名WP)组件即使在默认实例安全被改变的情况下,也会赋予文档创建者对注释对象的全部控制。远程认证用户可以在投机状况下绕过访问限制。
CVSS Information
N/A
Vulnerability Type
N/A