Vulnerability Description
The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-002 removes a user from an ACL when the user is denied all permissions for an annotation, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Filenet P8 Application Engine | 3.5.1 |
Related Weaknesses (CWE)
References
- http://download2.boulder.ibm.com/sar/CMA/IMA/00yrk/0/readme-ae351-021.htm
- http://download2.boulder.ibm.com/sar/CMA/IMA/00yrk/0/readme-ae351-021.htm
FAQ
What is CVE-2006-7241?
CVE-2006-7241 is a vulnerability with a CVSS score of 4.0 (MEDIUM). The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-002 removes a user from an ACL when the user is denied all permissions for an annotation, which might allow re...
How severe is CVE-2006-7241?
CVE-2006-7241 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-7241?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Filenet P8 Application Engine.