CVE ID: CVE-2015-0146 Description: - IBM Content Collector for Email could allow a local attacker to obtain sensitive information due to improper handling of a search query. - This vulnerability affects IBM FileNet P8 systems configured with IBM Content Search Services. CVSS Score: - Base Score: 2.1 - Temporal Score: See X-Force Link - CVSS Vector: Affected Products and Versions: - IBM Content Collector 3.0 - IBM Content Collector 4.0 Remediation/Fixes: - IBM Content Collector 3.0.0.6: Apply Interim Fix 3.0.0.6-IBM-ICC-Server-IF001 - IBM Content Collector 4.0.0.3: Apply Interim Fix 4.0.0.3-IBM-ICC-Server-IF001 Workarounds and Mitigations: None References: - Complete CVSS v2 Guide - On-line Calculator v2 Related Information: - IBM Secure Engineering Web Portal - IBM Product Security Incident Response Blog Change History: - 13 February 2015: Original version published. - 11 March 2015: Update availability of 3.0.0.6-IBM-ICC-Server-IF001