IBM » Content Collector : Security Vulnerabilities, CVEs,
IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3-IBM-ICC-Server-IF001 does not properly handle an unspecified query operator during searches of IBM FileNet P8 systems with IBM Content Search Services, which allows local users to bypass intended document-access restrictions and obtain sensitive information via a crafted search query.
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-03-18
Updated
2015-03-18
The Outlook Extension in IBM Content Collector 4.0.0.x before 4.0.0.0-ICC-OE-IF004 allows local users to bypass the intended Reviewer privilege requirement and read e-mail messages from an arbitrary mailbox by invoking the Search function.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-08-12
Updated
2017-08-29
2 vulnerabilities found