Vulnerability Details : CVE-2010-2896
IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors.
Exploit prediction scoring system (EPSS) score for CVE-2010-2896
Probability of exploitation activity in the next 30 days: 0.07%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 30 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-2896
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2010-2896
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-2896
-
http://www-01.ibm.com/support/docview.wss?uid=swg21441225
IBM notice: The page you requested cannot be displayedVendor Advisory
-
http://www.vupen.com/english/advisories/2010/1847
Webmail | OVH- OVHVendor Advisory
Products affected by CVE-2010-2896
- cpe:2.3:a:ibm:filenet_content_manager:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:filenet_content_manager:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:filenet_content_manager:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:filenet_content_manager:4.5.0:*:*:*:*:*:*:*